STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

Database software directories including DBMS configuration files are stored in dedicated directories separate from the host OS and other applications.

DISA Rule

SV-24350r1_rule

Vulnerability Number

V-4754

Group Title

DBMS software storage location

Rule Version

DG0012-ORACLE11

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Install Oracle DBMS software using directories separate from the OS and other application software library directories.

Re-locate any directories or re-install other application software that currently shares the DBMS software library directory to separate directories.

Recommend dedicating a separate partition for the DBMS software libraries where supported by the DBMS.

Check Contents

For UNIX Systems:
ls $ORACLE_BASE
ls $ORACLE_HOME

If the ORACLE_BASE directory contains subdirectories other than ORACLE_HOME directories, a flash_recovery_area directory and an admin directory, verify they are used by the DBMS.

If they are not part of the Oracle DBMS software product, this is a Finding.

NOTE: Oracle DBMS data file storage may be placed on a separate, dedicated disk partition and linked to ORACLE_BASE. Refer to check DG0112.

For Windows Systems:
echo %ORACLE_BASE%
echo %ORACLE_HOME%

ORACLE_BASE, if defined, is usually set to C:\Program Files\Oracle.

If ORACLE_HOME is not in a dedicated directory separate from the OS software and other applications where supported by the DBMS, this is a Finding.

All Systems:
Recommend dedicating a separate partition for the DBMS software libraries where supported by the DBMS on all platforms.

Vulnerability Number

V-4754

Documentable

False

Rule Version

DG0012-ORACLE11

Severity Override Guidance

For UNIX Systems:
ls $ORACLE_BASE
ls $ORACLE_HOME

If the ORACLE_BASE directory contains subdirectories other than ORACLE_HOME directories, a flash_recovery_area directory and an admin directory, verify they are used by the DBMS.

If they are not part of the Oracle DBMS software product, this is a Finding.

NOTE: Oracle DBMS data file storage may be placed on a separate, dedicated disk partition and linked to ORACLE_BASE. Refer to check DG0112.

For Windows Systems:
echo %ORACLE_BASE%
echo %ORACLE_HOME%

ORACLE_BASE, if defined, is usually set to C:\Program Files\Oracle.

If ORACLE_HOME is not in a dedicated directory separate from the OS software and other applications where supported by the DBMS, this is a Finding.

All Systems:
Recommend dedicating a separate partition for the DBMS software libraries where supported by the DBMS on all platforms.

Check Content Reference

M

Responsibility

Database Administrator

Target Key

1368

Comments