STIGQter STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be owned by database/EDB Postgres Advanced Server principals authorized for ownership.

DISA Rule

SV-224158r508023_rule

Vulnerability Number

V-224158

Group Title

SRG-APP-000133-DB-000200

Rule Version

EP11-00-003500

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Assign ownership of authorized objects to authorized object owner accounts by running this SQL command for each object to be changed:

ALTER <type> <object name> OWNER TO <new owner>;

For example: ALTER TABLE my_table OWNER TO APP_USER;

Check Contents

Review system documentation to identify accounts authorized to own database objects. Review accounts that own objects in the database(s) by running this SQL command:

select * from sys.all_objects;

If any database objects are found to be owned by users not authorized to own database objects, this is a finding.

Vulnerability Number

V-224158

Documentable

False

Rule Version

EP11-00-003500

Severity Override Guidance

Review system documentation to identify accounts authorized to own database objects. Review accounts that own objects in the database(s) by running this SQL command:

select * from sys.all_objects;

If any database objects are found to be owned by users not authorized to own database objects, this is a finding.

Check Content Reference

M

Target Key

4107

Comments