UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Database TRUSTWORTHY status should be authorized and documented or set to off.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15173 DM6195-SQLServer9 SV-23868r2_rule ECLP-1 Medium
Description
The TRUSTWORTHY database setting restricts access to database resources by databases that contain assemblies with the EXTERNAL_ACCESS or UNSAFE permission settings and modules that use impersonation of accounts assigned elevated privileges. Unless all assemblies and code for the database have been reviewed, especially in the case where databases have been detached and attached between server instances, leaving the TRUSTWORTHY status to off can help reduce threats from malicious assemblies or modules.
STIG Date
Microsoft SQL Server 2005 Instance Security Technical Implementation Guide 2015-06-16

Details

Check Text ( C-22823r2_chk )
From the query prompt:

SELECT name
FROM [master].sys.databases
WHERE is_trustworthy_on = 1
AND name <> 'msdb'
AND state = 0

If any database names are returned, then verify in the System Security Plan that the TRUSTWORTHY database setting is documented as required and authorized.

If it is not documented, required and authorized, this is a Finding.
Fix Text (F-19745r1_fix)
Disable TRUSTWORTHY status on all databases (except the msdb database) if enabled and not authorized

From the query prompt:

ALTER DATABASE [database name] SET TRUSTWORTHY OFF

Include in the System Security Plan all relevant settings for each database.