UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

OS accounts used to execute external procedures should be assigned minimum privileges.


Overview

Finding ID Version Rule ID IA Controls Severity
V-15620 DG0101-ORACLE11 SV-25054r1_rule DCFA-1 Medium
Description
External applications spawned by the DBMS process may be executed under OS accounts assigned unnecessary privileges that can lead to unauthorized access to OS resources. Unauthorized access to OS resources can lead to the compromise of the OS, the DBMS, and any other service provided by the host platform.
STIG Date
Oracle 11 Database Installation STIG 2014-01-14

Details

Check Text ( C-1769r1_chk )
Determine which OS accounts external DBMS executables are run.

Review the privileges assigned to these accounts and compare them to the System Security Plan and the function of the applications.

If assigned privileges exceed those necessary to operate as designed or the privileges do not match the list of required privileges for the application in the System Security Plan, this is a Finding.
Fix Text (F-3795r1_fix)
Configure OS accounts used by DBMS external procedures to have the minimum privileges necessary for operation.

Document DBMS external procedures and OS privileges need to execute the procedures in the System Security Plan.