Rule ID
SV-269571r1055707_rule
Version
V1R2
A session time-out lock is a temporary action taken when a user stops work and moves away from the immediate physical vicinity of the information system, but does not log out because of the temporary nature of the absence. The session lock is implemented at the point where session activity can be determined and/or controlled. This is handled at the operating system level and results in a system lock.
Satisfies: SRG-APP-000003, SRG-APP-000190
Verify session is configured to lock after 15 minutes of inactivity. Execute the following:
$ grep SESSION_LENGTH /etc/xylok.conf
SESSION_LENGTH=900
If "SESSION_LENGTH" is set to more than 15 minutes or is missing, this is a finding.
Note: The setting is in seconds. 900 seconds = 15 minutes.
Set the session length:
1. As root, open /etc/xylok.conf in a text editor.
2. Add/Amend "SESSION_LENGTH=900" to the configuration file.
3. Restart Xylok to apply settings by executing the following:
# systemctl restart xylok
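
The grep in the check above also prints commented-out lines and does not compare the value against the limit, so the following added example (not part of the STIG or of Xylok) evaluates only active SESSION_LENGTH assignments against 900 seconds. The function name, the assumed KEY=VALUE format with '#' comments, and the treatment of 0 or non-numeric values as findings are assumptions of this example.

```shell
#!/bin/sh
# Added example: stricter audit of the SESSION_LENGTH check (not vendor code).
# Assumed file format: one KEY=VALUE per line, '#' starts a comment.
MAX_SECONDS=900   # 15 minutes, the limit stated in the check text

# check_session_length FILE
# Prints a one-line verdict; returns 0 when compliant, 1 on a finding.
check_session_length() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "FINDING: cannot read $conf"; return 1
    fi
    # Keep only active assignments. A bare grep also prints lines such as
    # "#SESSION_LENGTH=900", which configure nothing.
    values=$(sed -n '/^[[:space:]]*SESSION_LENGTH[[:space:]]*=/{
        s/^[^=]*=[[:space:]]*//
        s/[[:space:]]*$//
        p
    }' "$conf")
    if [ -z "$values" ]; then
        echo "FINDING: SESSION_LENGTH is missing"; return 1
    fi
    # Every active assignment must pass, so the verdict does not depend on
    # which duplicate the application honours.
    while IFS= read -r v; do
        case $v in
            ''|*[!0-9]*)
                echo "FINDING: SESSION_LENGTH='$v' is not a whole number"
                return 1 ;;
        esac
        # Assumption: 0 is treated as a finding because the page does not
        # define it. More than 9 digits is rejected before the integer test.
        if [ "${#v}" -gt 9 ] || [ "$v" -gt "$MAX_SECONDS" ] || [ "$v" -eq 0 ]; then
            echo "FINDING: SESSION_LENGTH=$v (allowed: 1-$MAX_SECONDS seconds)"
            return 1
        fi
    done <<EOF
$values
EOF
    echo "OK: SESSION_LENGTH within $MAX_SECONDS seconds"
    return 0
}
```

Call it as `check_session_length /etc/xylok.conf` from an audit script; the exit status can feed a compliance report directly.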