The audit table should be owned by SYS or SYSTEM.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-2515 | DO0190-ORACLE11 | SV-24859r1_rule | ECTP-1 | Medium |
| Description |
|---|
| Audit data is frequently targeted by malicious users as it can provide a means to detect their activity. The protection of the audit trail data is of special concern and requires restrictions to allow only the auditor and DBMS backup, recovery, and maintenance users access to it. |
| STIG | Date |
|---|---|
| Oracle 11 Database Instance STIG | 2014-01-14 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-26445r1_fix) |
|---|
| Change the owner of the $AUD table to SYS or SYSTEM account. OR Recreate the audit table while logged in as SYS or SYSTEM. |