Red Hat Bugzilla – Bug 2856
Kernel Alt-sysrq functionality is _dangerous_
Last modified: 2008-05-01 11:37:50 EDT
Before you punt this bug, let me give some background. It is
common, especially in academia, to give console access to
Linux workstations. It is also desirable for these machines
to be secure. This is often done by locking the machine the
keyboard/monitor is attached to, in a cupboard.
In RH5.2, all console "dangers" could be turned off, e.g.
ctrl-alt-del can be disabled in /etc/inittab
RH6.0 introduces 2 new console dangers; reboot/halt via gdm
and kernel alt-sysrq key.
The former may be disabled by editing /etc/X11/gdm/gdm.conf,
but the latter probably can't be turned off easily :-(
So I log this bug so the issue is known about.
Red Hat 6.0 ships with alt+sysreq key combination disabled. Unless
you explicitly build a kernel with it enabled those keys do
The gdm problem is another matter however.
Correction: alt-sysrq is not disabled in Red Hat Linux 6.0
We need to create a kernel patch that creates a sysconf variable
that controls whether alt-sysrq is enabled. We need to coordinate
this with kernel folks, obviously...
Maybe Alan can take a look at this?
fixed in initscripts-4.34-1.