UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DBMS data files, transaction logs and audit files should be stored in dedicated directories or disk partitions separate from software or other application files.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15147 DG0111-ORACLE10 SV-24719r1_rule DCPA-1 Medium
Description
Protection of DBMS data, transaction and audit data files stored by the host operating system is dependent on OS controls. When different applications share the same database process, resource contention and differing security controls may be required to isolate and protect one application's data and audit logs from another. DBMS software libraries and configuration files also require differing access control lists.
STIG Date
Oracle 10 Database Installation STIG 2014-01-14

Details

Check Text ( C-883r1_chk )
Review the disk/directory specification where database data, transaction log and audit files are stored.

If DBMS data, transaction or audit data files are stored in the same directory, this is a Finding.

If separation of data, transaction and audit data is not supported by the DBMS, this check is Not a Finding.

If stored separately and access permissions for each directory is the same, this is a Finding.
Fix Text (F-3421r1_fix)
Specify dedicated directories for storage of database data, transaction and audit files.

Configure DBMS default file storage locations to use dedicated directories where supported by the DBMS.

Ensure access permissions for each directory is customized to allow access only by authorized users and processes.