Xylok Security Suite must expire a session upon browser closing.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
high	V-269572	SRG-APP-000005	XYLK-20-000005	SV-269572r1053491_rule	2024-12-13	1

Description
When the session expires as soon as the browser is closed, it prevents session hijacking and unauthorized users from accessing the account or data if they reopen the browser. Leaving a session open in the browser even after it is closed could expose the system to various types of attacks, like cross-site scripting (XSS) or malware designed to steal session cookies. Automatically expiring sessions mitigates this risk. Satisfies: SRG-APP-000005, SRG-APP-000220, SRG-APP-000295, SRG-APP-000413

Description

When the session expires as soon as the browser is closed, it prevents session hijacking and unauthorized users from accessing the account or data if they reopen the browser. Leaving a session open in the browser even after it is closed could expose the system to various types of attacks, like cross-site scripting (XSS) or malware designed to steal session cookies. Automatically expiring sessions mitigates this risk. Satisfies: SRG-APP-000005, SRG-APP-000220, SRG-APP-000295, SRG-APP-000413

ℹ️ Check
Verify session expires after browser is closed. Execute the following: $ grep SESSION_EXPIRE_AT_BROWSER_CLOSE /etc/xylok.conf SESSION_EXPIRE_AT_BROWSER_CLOSE=True If "SESSION_EXPIRE_AT_BROWSER_CLOSE" is not set to "True" or is missing, this is a finding.

✔️ Fix
Set the session expiration: 1. As root, open /etc/xylok.conf in a text editor. 2. Add/Amend "SESSION_EXPIRE_AT_BROWSER_CLOSE=True" to the configuration file. 3. Restart Xylok to apply settings by executing the following: # systemctl restart xylok