STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be owned by database/EDB Postgres Advanced Server principals authorized for ownership.

DISA Rule

SV-213589r508024_rule

Vulnerability Number

V-213589

Group Title

SRG-APP-000133-DB-000200

Rule Version

PPS9-00-003500

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Assign ownership of authorized objects to authorized object owner accounts by running this SQL command for each object to be changed:

ALTER <type> <object name> OWNER TO <new owner>;

For example: ALTER TABLE my_table OWNER TO APP_USER;

Check Contents

Review system documentation to identify accounts authorized to own database objects. Review accounts that own objects in the database(s) by running this SQL command:

select * from sys.all_objects;

If any database objects are found to be owned by users not authorized to own database objects, this is a finding.

Vulnerability Number

V-213589

Documentable

False

Rule Version

PPS9-00-003500

Severity Override Guidance

Review system documentation to identify accounts authorized to own database objects. Review accounts that own objects in the database(s) by running this SQL command:

select * from sys.all_objects;

If any database objects are found to be owned by users not authorized to own database objects, this is a finding.

Check Content Reference

M

Target Key

3988

Comments