STIGQter: STIG Summary: Oracle Database 12c Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 23 Apr 2021

Administrators must utilize a separate, distinct administrative account when performing administrative activities, accessing database security functions, or accessing security-relevant information.

DISA Rule

SV-237710r667162_rule

Vulnerability Number

V-237710

Group Title

SRG-APP-000233-DB-000124

Rule Version

O121-C2-004100

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Revoke DBA privileges, and privileges to administer DBA-owned objects, from non-DBA accounts.

Provide DBAs with separate accounts for database administration.

Check Contents

Review permissions for objects owned by DBA or other administrative accounts.

If any objects owned by administrative accounts can be accessed by non-DBA/non-administrative users, either directly or indirectly, this is a finding.

Verify DBAs have separate administrative accounts.

If DBAs do not have a separate account for database administration purposes, this is a finding.

To list all objects owned by an administrative account that have had access granted to another account, run the query:

SELECT grantee, table_name, grantor, privilege, type FROM dba_tab_privs WHERE owner = '<applicable account>';
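
The check covers access granted "either directly or indirectly", but the query above returns only the immediate grantee, which may be a role or PUBLIC. The following is an added example, not part of the STIG text, that resolves those grants to the users who actually receive them. The bind variable :admin_owner (standing in for '<applicable account>') and the treatment of DBA role holders as the administrative accounts are assumptions to adjust per site.

```sql
-- Added example (not STIG text). :admin_owner is an assumed bind variable.
-- Assumption: an "administrative account" is any user holding the DBA role,
-- directly or through nested roles.
WITH role_members AS (
    -- Every (grantee, role) pair reachable through nested role grants.
    SELECT CONNECT_BY_ROOT grantee AS member, granted_role
    FROM   dba_role_privs
    CONNECT BY NOCYCLE PRIOR granted_role = grantee
),
dba_holders AS (
    SELECT member FROM role_members WHERE granted_role = 'DBA'
),
object_grants AS (
    -- Same source as the STIG query: grants on objects the admin account owns.
    SELECT grantee, table_name, privilege, type
    FROM   dba_tab_privs
    WHERE  owner = :admin_owner
),
effective AS (
    -- Grants made directly to a database user.
    SELECT g.grantee AS username, 'DIRECT' AS via,
           g.table_name, g.privilege, g.type
    FROM   object_grants g
    JOIN   dba_users u ON u.username = g.grantee
    UNION ALL
    -- Grants made to a role, resolved to the users who hold that role.
    SELECT m.member, 'ROLE ' || g.grantee,
           g.table_name, g.privilege, g.type
    FROM   object_grants g
    JOIN   role_members m ON m.granted_role = g.grantee
    JOIN   dba_users u    ON u.username = m.member
    UNION ALL
    -- Grants to PUBLIC reach every account in the database.
    SELECT 'PUBLIC', 'PUBLIC', g.table_name, g.privilege, g.type
    FROM   object_grants g
    WHERE  g.grantee = 'PUBLIC'
)
SELECT DISTINCT username, via, table_name, privilege, type
FROM   effective
WHERE  username <> :admin_owner
AND    username NOT IN (SELECT member FROM dba_holders)
ORDER  BY username, table_name, privilege;
```

Each row returned is a non-DBA path to an administrative object and should be reviewed against the finding criteria above; privileges obtained through system privileges such as SELECT ANY TABLE are not covered by this query.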

Documentable

False

Check Content Reference

M

Target Key

4059
