2.2.2 Ensure X11 Server components are not installed - rpm

Information

The X Window System provides a Graphical User Interface (GUI) where users can have multiple windows in which to run programs and various add on. The X Windows system is typically used on workstations where users login, but not on servers where users typically do not login.

Rationale:

Unless your organization specifically requires graphical login access via X Windows, remove it to reduce the potential attack surface.

Impact:

Many Linux systems run applications which require a Java runtime. Some Linux Java packages have a dependency on specific X Windows xorg-x11-fonts. One workaround to avoid this dependency is to use the 'headless' Java packages for your specific Java runtime.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Run the following command to remove the X Windows Server packages:

# yum remove xorg-x11-server*

See Also

https://workbench.cisecurity.org/files/3636

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CCI|CCI-000366, CSCv6|2.2, CSCv7|2.6, Rule-ID|SV-204624r646847_rule, STIG-ID|RHEL-07-040730

Plugin: Unix

Control ID: daffb191e254acfdbb96fccb7f139cfdc43cf815178be456c42cb703bc0dc93c