STIGQter: STIG Summary: VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

vROps PostgreSQL DB objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the DBMS, etc.) must be owned by vROps PostgreSQL DB principals authorized for ownership.

DISA Rule

SV-98905r1_rule

Vulnerability Number

V-88255

Group Title

SRG-APP-000133-DB-000200

Rule Version

VROM-PG-000150

Severity

CAT II

CCI(s)

CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

Fix Recommendation

At the command prompt, execute the following command:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "ALTER TABLE <tablename> OWNER TO postgres;"

Replace <tablename> with the name of the table discovered during the check.

Check Contents

At the command prompt, execute the following command:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "\dp;"

Review the Access Privileges column. If any tables have permissions to users other than "postgres", this is a finding.

vROps PostgreSQL DB objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the DBMS, etc.) must be owned by vROps PostgreSQL DB principals authorized for ownership.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments