STIG ID: RHEL-08-040172 | SRG: SRG-OS-000480-GPOS-00227 | Severity: high | CCI: | Vulnerability Id: V-230531
A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
Configure the system to disable the CtrlAltDelBurstAction by added or modifying the following line in the "/etc/systemd/system.conf" configuration file:
CtrlAltDelBurstAction=none
Reload the daemon for this change to take effect.
$ sudo systemctl daemon-reload
Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:
$ sudo grep -i ctrl /etc/systemd/system.conf
CtrlAltDelBurstAction=none
If the "CtrlAltDelBurstAction" is not set to "none", commented out, or is missing, this is a finding.