Xylok Security Suite must initiate a session lock after a 15-minute period of inactivity.

Severity: medium
Group ID: V-269571
Group Title: SRG-APP-000003
Version: XYLK-20-000003
Rule ID: SV-269571r1053488_rule
Date: 2024-12-13
STIG Version: 1
Description
A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but does not log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined and/or controlled. This is handled at the operating system-level and results in a system lock.

Satisfies: SRG-APP-000003, SRG-APP-000190
ℹ️ Check
Verify the session is configured to lock after 15 minutes of inactivity. Execute the following:

$ grep SESSION_LENGTH /etc/xylok.conf
SESSION_LENGTH=900

If "SESSION_LENGTH" is set to more than 15 minutes or is missing, this is a finding.

Note: The setting is in seconds. 900 sec = 15 min.
✔️ Fix
Set the session length:

1. As root, open /etc/xylok.conf in a text editor.
2. Add/Amend "SESSION_LENGTH=900" to the configuration file.
3. Restart Xylok to apply settings by executing the following:

# systemctl restart xylok
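
The check above can be scripted so that a commented-out line or a longer key that merely contains the name does not pass the way it would with a bare grep. This is an added example, not part of the STIG or of Xylok; it assumes /etc/xylok.conf holds KEY=VALUE lines with '#' starting a comment, and it conservatively treats non-numeric values and any over-limit duplicate as findings.

```shell
#!/bin/sh
# Added example, not part of the STIG or of Xylok.
# Assumes /etc/xylok.conf holds KEY=VALUE lines and '#' starts a comment.

MAX_SECONDS=900   # 15 minutes, per the check text

# Prints a verdict per assignment; returns 0 if compliant, 1 if a finding.
check_session_length() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "FINDING: cannot read $conf"
        return 1
    fi
    # Active assignments of the exact key only: a commented-out line or a
    # longer key containing the name would satisfy a bare grep, not this.
    values=$(sed -n 's/^[[:space:]]*SESSION_LENGTH[[:space:]]*=[[:space:]]*//p' "$conf" |
        sed 's/[[:space:]]*$//')
    if [ -z "$values" ]; then
        echo "FINDING: SESSION_LENGTH is missing or empty in $conf"
        return 1
    fi
    status=0
    # Judge every assignment, since which duplicate takes effect is unknown.
    while IFS= read -r v; do
        case $v in
            '' | *[!0-9]*)
                echo "FINDING: SESSION_LENGTH='$v' is not a whole number of seconds"
                status=1 ;;
            ??????????*)   # 10+ digits: flag without comparing, test(1) may overflow
                echo "FINDING: SESSION_LENGTH=$v is out of range"
                status=1 ;;
            *)
                if [ "$v" -gt "$MAX_SECONDS" ]; then
                    echo "FINDING: SESSION_LENGTH=$v exceeds $MAX_SECONDS seconds"
                    status=1
                else
                    echo "OK: SESSION_LENGTH=$v"
                fi ;;
        esac
    done <<EOF
$values
EOF
    return "$status"
}

# Audit the file named on the command line, if one was given.
if [ "$#" -gt 0 ]; then check_session_length "$1"; fi
```

Run it as root with /etc/xylok.conf as the argument; a non-zero exit status means the rule is a finding.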