UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Application objects should be owned by accounts authorized for ownership.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15607 DG0008-ORACLE10 SV-24591r1_rule ECLP-1 Medium
Description
Database object ownership implies full privileges to the owned object including the privilege to assign access to the owned objects to other subjects. Unmanaged or uncontrolled ownership of objects can lead to unauthorized object grants and alterations.
STIG Date
Oracle 10 Database Instance STIG 2014-01-14

Details

Check Text ( None )
None
Fix Text (F-2543r1_fix)
Document all authorized application object owner accounts.

Use only authorized application object owner accounts to install and maintain application database objects.

Revoke privileges to create, drop, replace or alter application objects from unauthorized application object owners.