The directory assigned to the CORE_DUMP_DEST parameter should be protected from unauthorized access.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-3853 | DO0237-ORACLE10 | SV-24878r1_rule | DCPA-1 | Medium |
| Description |
|---|
| The CORE_DUMP_DEST parameter indicates the directory for storing database core dump data. A ‘core dump’ occurs during an Oracle abend or database crash. These files may contain sensitive data or information that could prove useful to potential attackers. |
| STIG | Date |
|---|---|
| Oracle 10 Database Instance STIG | 2014-01-14 |
Details
| Check Text ( C-29429r1_chk ) |
|---|
| From SQL*Plus: select value from v$parameter where name = 'core_dump_dest'; If no value is listed, then Oracle defaults to the $ORACLE_HOME/dbs directory (UNIX) or %ORACLE_HOME%\database directory (Windows) for storing core dumps. On UNIX Systems: ls -ld [pathname] Substitute [pathname] with the directory path listed from the above SQL command. If permissions are granted for world access, this is a Finding. On Windows Systems (From Windows Explorer): Browse to the directory specified. Select and right-click on the directory, select Properties, select the Security tab. If permissions are granted to everyone, this is a Finding. If any account other than the Oracle process and software owner accounts, Administrators, DBAs, System group or developers authorized to write and debug applications on this database are listed, this is a Finding. |
| Fix Text (F-26458r1_fix) |
|---|
| Alter host system permissions to the CORE_DUMP_DEST directory to the Oracle process and software owner accounts, DBAs, SAs (if required) and developers or other users that may specifically require access for debugging or other purposes. Authorize and document user access requirements to the directory outside of the Oracle, DBA and SA account list in the System Security Plan. |