The system must not permit interactive boot.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-217906 | RHEL-06-000070 | SV-217906r505923_rule | Medium |
| Description |
|---|
| Using interactive boot, the console user could disable auditing, firewalls, or other services, weakening system security. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2020-09-03 |
Details
| Check Text ( C-19387r376733_chk ) |
|---|
| To check whether interactive boot is disabled, run the following command: $ grep PROMPT /etc/sysconfig/init If interactive boot is disabled, the output will show: PROMPT=no If it does not, this is a finding. |
| Fix Text (F-19385r376734_fix) |
|---|
| To disable the ability for users to perform interactive startups, edit the file "/etc/sysconfig/init". Add or correct the line: PROMPT=no The "PROMPT" option allows the console user to perform an interactive system startup, in which it is possible to select the set of services which are started on boot. |