{"description": "To set the runtime status of the <code>kernel.sysrq</code> kernel parameter, run the following command: <pre>$ sudo sysctl -w kernel.sysrq=0</pre>\nTo make sure that the setting is persistent, add the following line to a file in the directory <tt>/etc/sysctl.d</tt>: <pre>kernel.sysrq = 0</pre>", "rationale": "The Magic SysRq key allows sending certain commands directly to the running\nkernel. It can dump various system and process information, potentially\nrevealing sensitive information. It can also reboot or shutdown the machine,\ndisturbing its availability.", "severity": "medium", "references": {"anssi": ["R9"]}, "control_references": {"anssi": ["R9"]}, "components": [], "identifiers": {}, "ocil_clause": "the correct value is not returned", "ocil": "The runtime status of the <code>kernel.sysrq</code> kernel parameter can be queried\nby running the following command:\n<pre>$ sysctl kernel.sysrq</pre>\n<code>0</code>.\n", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {"check-import": "stdout", "platform": ["multi_platform_all"], "environment": "any", "filename": "sysctl_kernel_sysrq.sh", "relative_path": "ubuntu2204/checks/sce/sysctl_kernel_sysrq.sh"}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Disallow magic SysRq key", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/restrictions/sysctl_kernel_sysrq/rule.yml", "template": {"name": "sysctl", "vars": {"sysctlvar": "kernel.sysrq", "sysctlval": "0", "datatype": "int"}, "backends": {}}}