Xylok Security Suite must protect application-specific data.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-269569 | XYLK-20-000334 | SV-269569r1053482_rule | Medium |
| Description |
| The /var/lib/xylok directory is essential for storing various types of data necessary for the operation and functionality of the Xylok Security Suite. It acts as a central repository for application data, ensuring that the suite can function effectively and maintain state and configuration between sessions. Proper management and protection of this directory is crucial to ensure the security and stability of the application. |
| STIG | Date |
| Xylok Security Suite 20.x Security Technical Implementation Guide | 2024-12-13 |
Details
| Check Text (C-73602r1053480_chk) |
| Check the Xylok lib file permissions with the following command: $ ls -l /var/lib/xylok If "db" file has permissions greater than "0700", this is a finding. If any other file or directory has permissions greater than "0755", this is a finding. |
| Fix Text (F-73503r1053481_fix) |
| As root, correct permissions for xylok.conf by running: # chmod -R 0755 /var/lib/xylok # chmod -R 0700 /var/lib/xylok/data/db |