
Database TRUSTWORTHY status should be authorized and documented or set to off.


Overview

Finding ID: V-15173
Version: DM6195-SQLServer9
Rule ID: SV-23868r2_rule
IA Controls: ECLP-1
Severity: Medium
Description
The TRUSTWORTHY database setting restricts access to database resources by databases that contain assemblies with the EXTERNAL_ACCESS or UNSAFE permission settings and modules that use impersonation of accounts assigned elevated privileges. Unless all assemblies and code for the database have been reviewed, especially in the case where databases have been detached and attached between server instances, leaving the TRUSTWORTHY status set to off can help reduce threats from malicious assemblies or modules.
STIG: Microsoft SQL Server 2005 Instance Security Technical Implementation Guide
Date: 2015-06-16

Details

Check Text (C-22823r2_chk)
From the query prompt:

SELECT name
FROM [master].sys.databases
WHERE is_trustworthy_on = 1
AND name <> 'msdb'
AND state = 0

If any database names are returned, then verify in the System Security Plan that the TRUSTWORTHY database setting is documented as required and authorized.

If it is not documented, required and authorized, this is a Finding.
Fix Text (F-19745r1_fix)
Disable TRUSTWORTHY status on all databases (except the msdb database) if enabled and not authorized.

From the query prompt:

ALTER DATABASE [database name] SET TRUSTWORTHY OFF

Include in the System Security Plan all relevant settings for each database.
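
The check and fix above combined into one review query, as an added example that is not part of the STIG text. The @authorized table and the name ExampleAuthorizedDb are constructed placeholders for the databases the System Security Plan documents as requiring TRUSTWORTHY; the owner columns are an added review aid.

```sql
-- Added example, not STIG text. Fill @authorized from the System Security Plan.
DECLARE @authorized TABLE (name sysname PRIMARY KEY);
INSERT INTO @authorized (name) VALUES (N'ExampleAuthorizedDb');  -- placeholder name

SELECT d.name,
       -- Owner login and whether it holds sysadmin, to support the
       -- reviewer's authorization decision for this database.
       SUSER_SNAME(d.owner_sid) AS owner_login,
       IS_SRVROLEMEMBER('sysadmin', SUSER_SNAME(d.owner_sid)) AS owner_is_sysadmin,
       CASE WHEN a.name IS NULL THEN 'Finding' ELSE 'Documented' END AS status,
       -- Remediation is generated only for databases missing from the plan;
       -- QUOTENAME handles names containing spaces or brackets.
       CASE WHEN a.name IS NULL
            THEN N'ALTER DATABASE ' + QUOTENAME(d.name) + N' SET TRUSTWORTHY OFF;'
       END AS fix_statement
FROM [master].sys.databases AS d
LEFT JOIN @authorized AS a
       ON a.name COLLATE DATABASE_DEFAULT = d.name COLLATE DATABASE_DEFAULT
WHERE d.is_trustworthy_on = 1
  AND d.name <> 'msdb'
  AND d.state = 0        -- same filter as the check query above
ORDER BY d.name;
```

Rows marked Documented still need the plan entry confirmed as required and authorized; the generated statements are output for review and are not executed by the query.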