← Back to Xylok Security Suite 20.x Security Technical Implementation Guide

V-269578

CAT II (Medium)

The Xylok Security Suite READONLY configuration must be True.

Rule ID

SV-269578r1054098_rule

STIG

Xylok Security Suite 20.x Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001499

Discussion

By default, the Xylok container is created not allowing users to modify any files inside the container. The only paths that can be altered are mounted from the host. Mount the database files from the host, so that the database server running inside the container can write data. If READONLY=false, then a user could go into the container as root and change other files. This approach helps protect the application from both external attacks and internal threats.

Check Content

Verify that Xylok's default read-only status is disabled by using the following command:

$ grep READONLY /etc/xylok.conf

If "READONLY" is set to False (case insensitive), is commented out or is missing, this is not a finding.

Fix Text

Revert Xylok to its default read-only configuration:

1. As root, open /etc/xylok.conf in a text editor.

2. Add/Amend "READONLY=True" to the configuration file.

3. Restart Xylok to apply settings:

    # systemctl restart xylok