dbSecure_NAME
Secure Configuration for Oracle Database
racSecure_NAME
Secure Configuration for Oracle Real Application Cluster
dbSecure_DESC
Ensures adherence with best-practice security configuration settings that help protect against database-related threats and attacks, providing a more secure operating environment for the Oracle database.
dbSecure_SecurityKEYWORD
Security
PostInstallation_NAME
Post Installation
PostInstallation_DESC
Contains rules that ensure default database server accounts are secure. The most trivial method by which a database can be compromised is having a default database server account left open that uses its default password.
DefaultPwd_NAME
Default Passwords Have Been Changed
DefaultPwd_DESC
Ensures the default passwords of administrative accounts have been changed.
DefaultPwd_RATIONALE
Security is most easily broken when a default database user account still has a default password after installation. In any Oracle environment, assign strong, secure passwords to administrative accounts immediately upon successful installation of the database server.
DefaultPwd_FIX
Change the default password of the administrative user.
DefaultAccountLockedAndExpired_NAME
Default Accounts are Locked and Expired
DefaultAccountLockedAndExpired_DESC
Ensures the default administrative accounts are locked and expired.
DefaultAccountLockedAndExpired_RATIONALE
Oracle Database installs with many default (present) database user accounts. Upon the successful creation of a database server instance, default database user accounts should be locked and expired. Left open in their default states, these user accounts can be exploited to gain unauthorized access to data or disrupt database operations.
DefaultAccountLockedAndExpired_FIX
Lock and expire the default administrative account.
OracleDirAndFilePerms_NAME
Oracle Directory and File Permissions
OracleDirAndFilePerms_DESC
Contains rules that ensure the permissions on the directories and files containing the Oracle software are sufficient. Access should be restricted, making it more difficult for an operating system user to attack the database.
OracleDirAndFilePermsU_NAME
Unix Platform
OracleDirAndFilePermsU_DESC
Contains rules that ensure the permissions on the directories and files containing the Oracle software are sufficient.
AppropriateUMaskValue_NAME
Appropriate umask Value
AppropriateUMaskValue_DESC
Ensures the owner of the Oracle software has an appropriate umask value of 022 set.
AppropriateUMaskValue_RATIONALE
If the umask value is not set to an appropriate value, such as 022, log and/or trace files might become generally accessible exposing sensitive information.
AppropriateUMaskValue_FIX
Set umask value to 022 for the owner of Oracle software.
DbDatafilesU_NAME
Database Datafiles
DbDatafilesU_DESC
Ensures access to datafiles is restricted to the owner of the Oracle software and the DBA group.
DbDatafilesU_RATIONALE
Access to datafiles should be restricted in order to prevent accidental and/or deliberate unauthorized attempts to access or alter that data.
DbDatafilesU_FIX
Restrict datafile permissions to the owner of the Oracle software and DBA group. Do not give world read and write permissions.
IFileU_NAME
IFILE Referenced File (IFILE)
IFileU_DESC
Ensures access to files referenced by the IFILE database initialization parameter are restricted to the owner of the Oracle software and the DBA group.
IFileU_RATIONALE
The IFILE database initialization parameter can be used to embed the contents of another initialization parameter file within the current initialization parameter file. Access to an initialization parameter file should be restricted in order to prevent exposing the security policies of the database as well as the weaknesses of the Oracle database configuration.
IFileU_FIX
Restrict permissions to the files referenced by the IFILE initialization parameter to the owner of the Oracle software and DBA group. Do not give world read or write permissions.
AuditFileDestU_NAME
Audit File Destination (AUDIT_FILE_DEST)
AuditFileDestU_DESC
Ensures access to directory referenced by the AUDIT_FILE_DEST database initialization parameter is restricted to the owner of the Oracle software and the DBA group.
AuditFileDestU_RATIONALE
The AUDIT_FILE_DEST database initialization parameter specifies the operating system directory into which some audit data is written whether or not database auditing has been enabled. Access to audit files should be restricted in order to prevent exposing sensitive information such as logging information related to database startup and shutdown, as well as privileged connections.
AuditFileDestU_FIX
Restrict permissions to the directory referenced by the AUDIT_FILE_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give world read or write permissions.
UserDumpDestU_NAME
User Dump Destination (USER_DUMP_DEST)
UserDumpDestU_DESC
Ensures access to directory referenced by the USER_DUMP_DEST database initialization parameter is restricted to the owner of the Oracle software and the DBA group.
UserDumpDestU_RATIONALE
The USER_DUMP_DEST database initialization parameter specifies the directory where the server will write debugging trace files on behalf of a user process. Access to these debugging trace files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
UserDumpDestU_FIX
Restrict permissions to the directory referenced by the USER_DUMP_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give world read or write permissions.
BackgroundDumpDestU_NAME
Background Dump Destination (BACKGROUND_DUMP_DEST)
BackgroundDumpDestU_DESC
Ensures access to directory referenced by the BACKGROUND_DUMP_DEST database initialization parameter is restricted to the owner of the Oracle software and the DBA group.
BackgroundDumpDestU_RATIONALE
The BACKGROUND_DUMP_DEST database initialization parameter specifies the directory where the server will write debugging trace files for the background processes (LGWR, DBWn, and so on) are written during Oracle operations. Access to these debugging trace files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
BackgroundDumpDestU_FIX
Restrict permissions to the directory referenced by the BACKGROUND_DUMP_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give world read or write permissions.
CoreDumpDestU_NAME
Core Dump Destination (CORE_DUMP_DEST)
CoreDumpDestU_DESC
Ensures access to directory referenced by the CORE_DUMP_DEST database initialization parameter is restricted to the owner of the Oracle software and the DBA group.
CoreDumpDestU_RATIONALE
The CORE_DUMP_DEST database initialization parameter specifies the directory where the server will write core dump files. Access to these core dump files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
CoreDumpDestU_FIX
Restrict permissions to the directory referenced by the CORE_DUMP_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give world read or write permissions.
ControlFilesU_NAME
Control Files (CONTROL_FILES)
ControlFilesU_DESC
Ensures access to directory referenced by the CONTROL_FILES database initialization parameter is restricted to the owner of the Oracle software and the DBA group.
ControlFilesU_RATIONALE
Access to control files should be restricted in order to prevent exposing sensitive information regarding the database and its data.
ControlFilesU_FIX
Restrict permissions to the files referenced by the CONTROL_FILES initialization parameter to the owner of the Oracle software and DBA group. Do not give world read or write permissions.
OHExecutablesU_NAME
Oracle Home Executables
OHExecutablesU_DESC
Ensures access to files in the ORACLE_HOME/bin directory is restricted.
OHExecutablesU_RATIONALE
When access control permissions are too lax, opportunities for unauthorized exploitation as well as accidental or deliberate misuse arise.
OHExecutablesU_FIX
Restrict permissions to all files in the ORACLE_HOME/bin directory to the owner of the Oracle software and DBA group. Do not give group or world write permission. In other words, permissions should be set to 0755 or less.
OHNonExecutablesU_NAME
Oracle Home Non-Executables
OHNonExecutablesU_DESC
Ensures access to files in the ORACLE_HOME directories, except for ORACLE_HOME/bin, is restricted.
OHNonExecutablesU_RATIONALE
Access to these files should be restricted. When access control permissions are too lax, opportunities for unauthorized exploitation as well as accidental or deliberate misuse arise.
OHNonExecutablesU_FIX
Restrict permissions to all files in the ORACLE_HOME directories, except for ORACLE_HOME/bin, to the owner of the Oracle software and DBA group. Do not give group write permission nor world read, write or execute permission. In other words, permissions should be set to 0750 or less.
OracleDirAndFilePermsW_NAME
Windows Platform
OracleDirAndFilePermsW_DESC
Contains rules that ensure the permissions on the directories and files containing the Oracle software are sufficient.
DbDatafilesW_NAME
Database Datafiles
DbDatafilesW_DESC
Ensures access to datafiles is restricted to the owner of the Oracle software.
DbDatafilesW_RATIONALE
Access to datafiles should be restricted in order to prevent accidental and/or deliberate unauthorized attempts to access or alter that data.
DbDatafilesW_FIX
Restrict datafile permissions to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
IFileW_NAME
IFILE Referenced File (IFILE)
IFileW_DESC
Ensures access to files referenced by the IFILE database initialization parameter are restricted to the owner of the Oracle software.
IFileW_RATIONALE
The IFILE database initialization parameter can be used to embed the contents of another initialization parameter file within the current initialization parameter file. Access to an initialization parameter file should be restricted in order to prevent exposing the security policies of the database as well as the weaknesses of the Oracle database configuration.
IFileW_FIX
Restrict permissions to the files referenced by the IFILE initialization parameter to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
AuditFileDestW_NAME
Audit File Destination (AUDIT_FILE_DEST)
AuditFileDestW_DESC
Ensures access to directory referenced by the AUDIT_FILE_DEST database initialization parameter is restricted to the owner of the Oracle software.
AuditFileDestW_RATIONALE
The AUDIT_FILE_DEST database initialization parameter specifies the operating system directory into which the audit trail is written when database auditing has been enabled. Access to audit files should be restricted in order to prevent exposing sensitive information such as logging information related to database startup and shutdown as well as privileged connections.
AuditFileDestW_FIX
Restrict permissions to the directory referenced by the AUDIT_FILE_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
UserDumpDestW_NAME
User Dump Destination (USER_DUMP_DEST)
UserDumpDestW_DESC
Ensures access to directory referenced by the USER_DUMP_DEST database initialization parameter is restricted to the owner of the Oracle software.
UserDumpDestW_RATIONALE
The USER_DUMP_DEST database initialization parameter specifies the directory where the server will write debugging trace files on behalf of a user process. Access to these debugging trace files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
UserDumpDestW_FIX
Restrict permissions to the directory referenced by the USER_DUMP_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
BackgroundDumpDestW_NAME
Background Dump Destination (BACKGROUND_DUMP_DEST)
BackgroundDumpDestW_DESC
Ensures access to directory referenced by the BACKGROUND_DUMP_DEST database initialization parameter is restricted to the owner of the Oracle software.
BackgroundDumpDestW_RATIONALE
The BACKGROUND_DUMP_DEST database initialization parameter specifies the directory where the server will write debugging trace files for the background processes (LGWR, DBWn, and so on) are written during Oracle operations. Access to these debugging trace files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
BackgroundDumpDestW_FIX
Restrict permissions to the directory referenced by the BACKGROUND_DUMP_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
CoreDumpDestW_NAME
Core Dump Destination (CORE_DUMP_DEST)
CoreDumpDestW_DESC
Ensures access to directory referenced by the CORE_DUMP_DEST database initialization parameter is restricted to the owner of the Oracle software.
CoreDumpDestW_RATIONALE
The CORE_DUMP_DEST database initialization parameter specifies the directory where the server will write core dump files. Access to these core dump files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
CoreDumpDestW_FIX
Restrict permissions to the directory referenced by the CORE_DUMP_DEST initialization parameter to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
ControlFilesW_NAME
Control Files (CONTROL_FILES)
ControlFilesW_DESC
Ensures access to directory referenced by the CONTROL_FILES database initialization parameter is restricted to the owner of the Oracle software.
ControlFilesW_RATIONALE
Access to control files should be restricted in order to prevent exposing sensitive information regarding the database and its data.
ControlFilesW_FIX
Restrict permissions to the files referenced by the CONTROL_FILES initialization parameter to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
OHExecutablesW_NAME
Oracle Home Executables
OHExecutablesW_DESC
Ensures access to files in the ORACLE_HOME/bin directory is restricted.
OHExecutablesW_RATIONALE
Access to these executables should be restricted. When access control permissions are too lax, opportunities for unauthorized exploitation as well as accidental or deliberate misuse arise.
OHExecutablesW_FIX
Restrict permissions to all files in the ORACLE_HOME/bin directory to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
OHNonExecutablesW_NAME
Oracle Home Non-Executables
OHNonExecutablesW_DESC
Ensures access to files in the ORACLE_HOME directories, except for ORACLE_HOME/bin, is restricted.
OHNonExecutablesW_RATIONALE
Access to these files should be restricted. When access control permissions are too lax, opportunities for unauthorized exploitation as well as accidental or deliberate misuse arise.
OHNonExecutablesW_FIX
Restrict permissions to all files in the ORACLE_HOME directories, except for ORACLE_HOME/bin, to the owner of the Oracle software and DBA group. Do not give any of the following permissions to any other users or user groups: DELETE, WRITE_DAC, WRITE_OWNER, CHANGE, ADD, or FULL.
OHExecutablesOracleOwned_NAME
Oracle Home Executable Files Owned by Oracle
OHExecutablesOracleOwned_DESC
Ensures ownership of all files in the ORACLE_HOME/bin directory is the same as the owner of the Oracle software installation.
OHExecutablesOracleOwned_RATIONALE
Access to these executables should be restricted. When access control permissions are too lax, opportunities for unauthorized exploitation as well as accidental or deliberate misuse arise.
OHExecutablesOracleOwned_FIX
Change the owner of files in the ORACLE_HOME/bin directory to be the same as the owner of the Oracle software installation.
OracleParamSettings_NAME
Oracle Parameter Settings
OracleParamSettings_DESC
Contains rules that ensure database initialization parameter settings are secure.
AccessToTraceFileDisabled_NAME
Access to Trace Files Disabled (_TRACE_FILES_PUBLIC)
AccessToTraceFileDisabled_DESC
Ensures database trace files are not readable by users.
AccessToTraceFileDisabled_RATIONALE
The _TRACE_FILES_PUBLIC parameter indicates whether or not debugging trace files generated by Oracle in the directory specified by the USER_DUMP_DEST parameter are readable to everyone. Access to these debugging trace files should be restricted in order to prevent exposing sensitive information regarding the database as well as the applications running on it.
AccessToTraceFileDisabled_FIX
Set _TRACE_FILES_PUBLIC to FALSE.
RemoteOSRolesDisabled_NAME
Remote OS Roles Disabled (REMOTE_OS_ROLES)
RemoteOSRolesDisabled_DESC
Ensures remote OS roles are disabled; that is, the database has not been configured to enable roles based on remote operating system user group membership.
RemoteOSRolesDisabled_RATIONALE
The REMOTE_OS_ROLES parameter specifies whether operating system roles are allowed for remote clients. If users connect to the database over Oracle Net, and their roles are not authenticated by Oracle, the remote user could impersonate another operating system user over a network connection. Allowing users to remotely authenticate is a bad security practice in itself. Adding the ability to assume operating system roles for these accounts makes the situation even more insecure.
RemoteOSRolesDisabled_FIX
Set REMOTE_OS_ROLES to FALSE to help enforce server-based authentication of clients connecting to the Oracle database.
RemoteOSAuthenticationDisabled_NAME
Remote OS Authentication Disabled (REMOTE_OS_AUTHENT)
RemoteOSAuthenticationDisabled_DESC
Ensures remote OS authentication is disabled.
RemoteOSAuthenticationDisabled_RATIONALE
Setting the REMOTE_OS_AUTHENT parameter to TRUE forces Oracle to accept a client operating system user name received over a non-secure connection and use it for account access. Since clients, such as PCs, are not trusted to perform operating system authentication properly, it is a very poor security practice to turn on this feature.
RemoteOSAuthenticationDisabled_FIX
Set REMOTE_OS_AUTHENT to FALSE to help enforce server-based authentication of clients connecting to the Oracle database.
RemoteLsnrInstancesDisabled_NAME
Use of Remote Listener Instances Disabled (REMOTE_LISTENER)
RemoteLsnrInstancesDisabled_DESC
Ensures the use of listener instances on a remote machine separate from the database instance is disabled.
RemoteLsnrInstancesDisabled_RATIONALE
The REMOTE_LISTENER parameter can be used to allow a listener on a remote machine to access the database. You should prevent the use of a listener on a remote machine.
RemoteLsnrInstancesDisabled_FIX
Set REMOTE_LISTENER to "" (null string). Note, this parameter is not applicable in a multi-master replication or RAC environment where this setting provides a load balancing mechanism for the listener.
DbAuditingEnabled_NAME
Database Auditing Enabled (AUDIT_TRAIL)
DbAuditingEnabled_DESC
Ensures database auditing is enabled.
DbAuditingEnabled_RATIONALE
The AUDIT_TRAIL parameter enables or disables database auditing. Auditing is always about accountability, and is frequently done to protect and preserve privacy for the information stored in databases. Auditing also enables system administrators to implement enhanced protections, early detection of suspicious activities, and finely-tuned security responses.
DbAuditingEnabled_FIX
Set AUDIT_TRAIL to either DB, default, or OS. Database-stored audit records can be easier to review and manage than OS-stored audit records. However, audit records stored in operating system files can be protected from DBAs via appropriate file permissions, and will remain available even if the database is temporarily inaccessible.
DbAuditingEnabled_WARNING
Although auditing is relatively inexpensive, limit the number of audited events as far as possible. Doing so minimizes the performance impact on the execution of audited statements and the size of the audit trail, making it easier to analyze and understand.
SecureOSAuthenticationPrefix_NAME
Secure OS Authentication Prefix (OS_AUTHENT_PREFIX)
SecureOSAuthenticationPrefix_DESC
Ensures that the OS authentication prefix is set to a value other than OPS$.
SecureOSAuthenticationPrefix_RATIONALE
The OS_AUTHENT_PREFIX parameter specifies a prefix used to authenticate users attempting to connect to the server. When a connection request is attempted, Oracle compares the prefixed username with usernames in the database. Using the OPS$ prefix tends to result in an insecure configuration because an account can be authenticated either as an operating system user or with the password used in the IDENTIFIED BY clause. Attackers are aware of this and will attack these accounts.
SecureOSAuthenticationPrefix_FIX
Set OS_AUTHENT_PREFIX to a value other than OPS$.
AccessToDataDictionaryProtected_NAME
Access to Data Dictionary Protected (07_DICTIONARY_ACCESSIBILITY)
AccessToDataDictionaryProtected_DESC
Ensures data dictionary protection is enabled.
AccessToDataDictionaryProtected_RATIONALE
Setting the 07_DICTIONARY_ACCESSIBILITY to TRUE allows users with ANY system privileges to access the data dictionary. As a result, these user accounts can be exploited to gain unauthorized access to data. Instead the data dictionary should be protected such that only those authorized users making DBA-privileged connections can use the ANY system privilege to access the data dictionary.
AccessToDataDictionaryProtected_FIX
Set 07_DICTIONARY_ACCESSIBILITY to FALSE. If a user needs view access to the data dictionary, then it is permissible to grant that user the SELECT ANY DICTIONARY system privilege.
AuditingSysOperationsEnabled_NAME
Auditing of SYS Operations Enabled (AUDIT_SYS_OPERATIONS)
AuditingSysOperationsEnabled_DESC
Ensures sessions for users who connect as SYS are fully audited.
AuditingSysOperationsEnabled_RATIONALE
The AUDIT_SYS_OPERATIONS parameter enables or disables the auditing of operations issued by user SYS, and users connecting with SYSDBA or SYSOPER privileges. Since these are highly privileged users, auditing can be especially important.
AuditingSysOperationsEnabled_FIX
Set AUDIT_SYS_OPERATIONS to TRUE.
AuditingSysOperationsEnabled_WARNING
Some operations (e.g. export) may involve substantial actions by privileged users, resulting in substantial unnecessary audit data. You may choose to set this parameter to FALSE in these situations to avoid overload of the SYSTEM tablespace, which contains the audit records.
DbPwdProfileSettings_NAME
Database Password Profile Settings
DbPwdProfileSettings_DESC
Contains rules that ensure database profile settings correctly defined. Oracle password management is controlled through the use of user profiles which are then assigned to database users, enabling greater control over database security.
SecureFailedLoginAttemptsSetting_NAME
Secure Failed Login Attempts Setting
SecureFailedLoginAttemptsSetting_DESC
Ensures profiles have FAILED_LOGIN_ATTEMPTS set to a reasonable number of failed attempts.
SecureFailedLoginAttemptsSetting_RATIONALE
The FAILED_LOGIN_ATTEMPTS parameter defines the number of successive failed login attempts that can be performed before an account's status is changed to locked. This protects against attackers attempting to guess a password for an account. If this parameter is set low enough, the effectiveness of password attacks on the database can be eliminated.
SecureFailedLoginAttemptsSetting_FIX
Set FAILED_LOGIN_ATTEMPTS a value less than or equal to 10.
SecurePwdLifeTimeSetting_NAME
Secure Password Life Time Setting
SecurePwdLifeTimeSetting_DESC
Ensures profiles have PASSWORD_LIFE_TIME set to a reasonable number of days.
SecurePwdLifeTimeSetting_RATIONALE
The PASSWORD_LIFE_TIME parameter defines the maximum lifetime for passwords. Changing passwords on a regular basis is an accepted security practice for mitigating the threat that a password may have been compromised. If this parameter is set too high or is not set at all, old passwords may be compromised and remain in use for an extended period of time.
SecurePwdLifeTimeSetting_FIX
Set PASSWORD_LIFE_TIME to a value such as 180 days. This requires password to be changed frequently enough without overloading the users with having to pick new passwords frequently. If set too low, the user is forced to update their password so frequently that they need to choose low quality passwords in order to be able to remember them.
SecurePwdLockTimeSetting_NAME
Secure Password Lock Time Setting
SecurePwdLockTimeSetting_DESC
Ensures profiles have PASSWORD_LOCK_TIME set to a reasonable number of days.
SecurePwdLockTimeSetting_RATIONALE
The PASSWORD_LOCK_TIME parameter defines the number of days an account will remain locked after the maximum number of failed login attempts has been reached. Specifying a large value increases the likelihood of Denial of Service attacks. Specifying a zero (0) removes any penalty for repeated bad password guesses.
SecurePwdLockTimeSetting_FIX
Set PASSWORD_LOCK_TIME to a value greater than or equal to 1.
SecurePwdGraceTimeSetting_NAME
Secure Password Grace Time Setting
SecurePwdGraceTimeSetting_DESC
Ensures profiles have PASSWORD_GRACE_TIME set to a reasonable number of days.
SecurePwdGraceTimeSetting_RATIONALE
The PASSWORD_GRACE_TIME parameter defines the number of days after a password expires in which the user is not required to change the password. During the grace period, the user is prompted for a new password each time an attempt is made to access their accounts. If this parameter is set too high, password expiration can be ignored.
SecurePwdGraceTimeSetting_FIX
Set PASSWORD_GRACE_TIME to a value less than or equal to 7.
PwdComplexityCheckingEnabled_NAME
Password Complexity Checking Enabled
PwdComplexityCheckingEnabled_DESC
Ensures profiles have PASSWORD_VERIFY_FUNCTION defined.
PwdComplexityCheckingEnabled_RATIONALE
The PASSWORD_VERIFY_FUNCTION defines the function that will be used to validate the strength of the password. By setting a function to validate password strength, you can ensure that strong passwords are being used.
PwdComplexityCheckingEnabled_FIX
Specify a password verification function, by using the PASSWORD_VERIFY_FUNCTION parameter.
DbAccessSettings_NAME
Database Access Settings
DbAccessSettings_DESC
Contains rules that ensure data security. That is, access to and use of the database at the object level is restricted such that users are only given those privileges that are actually required to efficiently perform their jobs.
Views_NAME
Views
Views_DESC
Contains rules that ensure privileges on views are restricted.
DBARoles_NAME
Restricted Access to DBA_ROLES
DBARoles_DESC
Ensures restricted access to DBA_ROLES.
DBARoles_RATIONALE
The DBA_ROLES view contains details of all roles in the database. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user. Access to DBA_ROLES should be restricted.
DBARoles_FIX
Revoke access to DBA_ROLES from all users other than SYS or DBA accounts.
DBASysPrivs_NAME
Restricted Access to DBA_SYS_PRIVS
DBASysPrivs_DESC
Ensures restricted access to DBA_SYS_PRIVS.
DBASysPrivs_RATIONALE
The DBA_SYS_PRIVS view contains details of system privileges granted to roles and users. Knowledge of the system privileges can be taken advantage of by a malicious user. Access to DBA_SYS_PRIVS should be restricted.
DBASysPrivs_FIX
Revoke access to DBA_SYS_PRIVS from all users other than SYS or DBA accounts.
DBARolePrivs_NAME
Restricted Access to DBA_ROLE_PRIVS
DBARolePrivs_DESC
Ensures restricted access to DBA_ROLE_PRIVS.
DBARolePrivs_RATIONALE
The DBA_ROLE_PRIVS view contains details of all roles granted to users and other roles. Knowledge of the structure of roles in the database can be taken advantage of by a malicious user. Access to DBA_ROLE_PRIVS should be restricted.
DBARolePrivs_FIX
Revoke access to DBA_ROLE_PRIVS from all users other than SYS or DBA accounts.
DBATabPrivs_NAME
Restricted Access to DBA_TAB_PRIVS
DBATabPrivs_DESC
Ensures restricted access to DBA_TAB_PRIVS.
DBATabPrivs_RATIONALE
The DBA_TAB_PRIVS view contains details of all grants on all objects in the database. Knowledge of who is granted what object privileges in the database can be taken advantage of by a malicious user. Access to DBA_TAB_PRIVS should be restricted.
DBATabPrivs_FIX
Revoke access to DBA_TAB_PRIVS from all users other than SYS or DBA accounts.
DBAUsers_NAME
Restricted Access to DBA_USERS
DBAUsers_DESC
Ensures restricted access to DBA_USERS.
DBAUsers_RATIONALE
The DBA_USERS view describes all users in the database including password hashes and other account information. Knowledge of this type of information can be taken advantage of by a malicious user. Access to DBA_USERS should be restricted.
DBAUsers_FIX
Revoke access to DBA_USERS from all users other than SYS or DBA accounts.
Tables_NAME
Tables
Tables_DESC
Contains rules that ensure privileges on tables are restricted.
SYSAud_NAME
Restricted Access to SYS.AUD$
SYSAud_DESC
Ensures restricted access to SYS.AUD$.
SYSAud_RATIONALE
When database auditing is enabled and is using a database audit trail (AUDIT_TRAIL set to DB), the database directs audit records to a single table named SYS.AUD$. When auditing for suspicious database activity, the audit trail must be protected so audit information cannot be added, changed or deleted without being audited. Access to SYS.AUD$ should be restricted in order to prevent accidental and/or deliberate unauthorized attempts to access or alter that data.
SYSAud_FIX
Revoke access to SYS.AUD$ from all users other than SYS or DBA accounts.
SYSUserHistory_NAME
Restricted Access to SYS.USER_HISTORY$
SYSUserHistory_DESC
Ensures restricted access to SYS.USER_HISTORY$.
SYSUserHistory_RATIONALE
The SYS.USER_HISTORY$ table stores hashed passwords that were previously used by each account. Access to this table can make guessing the existing password for an account easier for someone hacking the database. Access to SYS.USER_HISTORY$ should be restricted.
SYSUserHistory_FIX
Revoke access to SYS.USER_HISTORY$ from all users other than SYS or DBA accounts.
SYSUser_NAME
Restricted Access to SYS.USER$
SYSUser_DESC
Ensures restricted access to SYS.USER$.
SYSUser_RATIONALE
The SYS.USER$ table stores usernames, hashed passwords and other database account information. Access to this table can make it easier for someone hacking the database. Access to SYS.USER$ should be restricted.
SYSUser_FIX
Revoke access to SYS.USER$ from all users other than SYS or DBA accounts.
SYSSource_NAME
Restricted Access to SYS.SOURCE$
SYSSource_DESC
Ensures restricted access to SYS.SOURCE$.
SYSSource_RATIONALE
The SYS.SOURCE$ table stores all source code stored in the database. Access to this table can make it easier for someone hacking the database. Access to SYS.SOURCE$ should be restricted.
SYSSource_FIX
Revoke access to SYS.SOURCE$ from all users other than SYS or DBA accounts.
PERFSTATStatsSqlText_NAME
Restricted Access to PERFSTAT.STATS$SQLTEXT
PERFSTATStatsSqlText_DESC
Ensures restricted access to PERFSTAT.STATS$SQLTEXT.
PERFSTATStatsSqlText_RATIONALE
The PERFSTAT.STATS$SQLTEXT table provides full text for recently executed SQL statements. Access to this table can make it easier for someone hacking the database. Access to PERFSTAT.STATS$SQLTEXT should be restricted.
PERFSTATStatsSqlText_FIX
Revoke access to PERFSTAT.STATS$SQLTEXT from all users other than SYS or DBA accounts.
PERFSTATStatsSqlSummary_NAME
Restricted Access to PERFSTAT.STATS$SQL_SUMMARY
PERFSTATStatsSqlSummary_DESC
Ensures restricted access to PERFSTAT.STATS$SQL_SUMMARY.
PERFSTATStatsSqlSummary_RATIONALE
The PERFSTAT.STATS$SQL_SUMMARY table contains the first few lines of SQL text of the most resource intensive commands recently executed. Access to this table can make it easier for someone hacking the database. Access to PERFSTAT.STATS$SQL_SUMMARY should be restricted.
PERFSTATStatsSqlSummary_FIX
Revoke access to PERFSTAT.STATS$SQL_SUMMARY from all users other than SYS or DBA accounts.
Packages_NAME
Packages
Packages_DESC
Contains rules that ensure privileges on packages are restricted.
UtlFile_NAME
Restricted Privilege to Execute UTL_FILE
UtlFile_DESC
Ensures permission to execute the UTL_FILE package has not been
granted to the PUBLIC role.
UtlFile_RATIONALE
The UTL_FILE package allows PL/SQL to read from and write to files on the operating system. This feature though very useful, can also be can be used to break into a database, gain elevated privileges, or corrupt a database. Having access to this powerful package through the PUBLIC role is a security risk as any database user can exercise privileges granted to PUBLIC. Access to this package should be restricted.
UtlFile_FIX
Grant privileges to execute the UTL_FILE package only to those specific accounts that need to execute the package.
UtlTcp_NAME
Restricted Privilege to Execute UTL_TCP
UtlTcp_DESC
Ensures permission to execute the UTL_TCP package has not been granted to the PUBLIC role.
UtlTcp_RATIONALE
The UTL_TCP package permits outgoing network connections to be established by the database to any receiving network service. Thus, arbitrary data may be sent between the database and any waiting network service.
UtlTcp_FIX
Grant privileges to execute the UTL_TCP package only to those specific accounts that need to execute the package.
UtlHttp_NAME
Restricted Privilege to Execute UTL_HTTP
UtlHttp_DESC
Ensures permission to execute the UTL_HTTP package has not been granted to the PUBLIC role.
UtlHttp_RATIONALE
The UTL_HTTP package allows HTTP requests and responses to be sent from within PL/SQL. Granting this package to PUBLIC may permit using HTML forms to send data to a malicious Web site.
UtlHttp_FIX
Grant privileges to execute the UTL_HTTP package only to those specific accounts that need to execute the package.
UtlSmtp_NAME
Restricted Privilege to Execute UTL_SMTP
UtlSmtp_DESC
Ensures permission to execute the UTL_SMTP package has not been granted to the PUBLIC role.
UtlSmtp_RATIONALE
The UTL_SMTP package allows a database user to send or receive email using PL/SQL. Granting this package to PUBLIC may permit unauthorized exchange of mail messages.
UtlSmtp_FIX
Grant privileges to execute the UTL_SMTP package only to those specific accounts that need to execute the package.
DbmsJob_NAME
Restricted Privilege to Execute DBMS_JOB
DbmsJob_DESC
Ensures permission to execute the DBMS_JOB package has not been
granted to the PUBLIC role.
DbmsJob_RATIONALE
The DBMS_JOB package allows users to schedule administrative procedures to be performed at periodic intervals. It is also the interface for the job queue. While not strictly a security risk, there is no valid reason to grant execute on this package to PUBLIC.
DbmsJob_FIX
Grant privileges to execute the DBMS_JOB package only to those specific accounts that need to execute the package.
DbmsSysSql_NAME
Restricted Privilege to Execute DBMS_SYS_SQL
DbmsSysSql_DESC
Ensures permission to execute the DBMS_SYS_SQL package has not been granted to the PUBLIC role.
DbmsSysSql_RATIONALE
The undocumented DBMS_SYS_SQL package allows users to execute PL/SQL and SQL as the owner of the procedure rather than the caller. Access to this package should be restricted.
DbmsSysSql_FIX
Grant privileges to execute the DBMS_SYS_SQL package only to those specific accounts that need to execute the package.