The Xylok Security Suite configuration for DEBUG must be False.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-269580 | SRG-APP-000266 | XYLK-20-000109 | SV-269580r1053515_rule | 2024-12-13 | 1 |
| Description |
|---|
| Providing too much information in error messages risks compromising the data and security of the Xylok Security Suite and system. If DEBUG is set to True, it will show stack traces in error messages to assist with contact Xylok Support, but potentially reveal secure information. |
| ℹ️ Check |
|---|
| Verify DEBUG is configured. Execute the following: $ grep DEBUG /etc/xylok.conf DEBUG=False If "DEBUG" is not set to False or is missing, this is a finding. |
| ✔️ Fix |
|---|
| Set DEBUG: 1. As root, open /etc/xylok.conf in a text editor. 2. Add/Amend "DEBUG=False" to the configuration file. 3. Restart Xylok to apply settings by executing the following: # systemctl restart xylok |