STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.

DISA Rule

SV-213619r508024_rule

Vulnerability Number

V-213619

Group Title

SRG-APP-000342-DB-000302

Rule Version

PPS9-00-007510

Severity

CAT II

CCI(s)

• CCI-002233 - The information system prevents organization-defined software from executing at higher privilege levels than users executing the software.

Weight

10

Fix Recommendation

Determine where, when, how, and by what principals/subjects elevated privilege is needed.

Modify the system and the application(s) using the database to ensure privilege elevation is used only as required.

To alter a user to not allow bypassing RLS, execute the following SQL:

ALTER USER <user> NOBYPASSRLS;

Check Contents

Review the system documentation and source code of the application(s) using the database.

If elevation of DBMS privileges is used but not documented, this is a finding.

If elevation of DBMS privileges is documented but not implemented as described in the documentation, this is a finding.

If the privilege-elevation logic can be invoked in ways other than intended, in contexts other than intended, or by subjects/principals other than intended, this is a finding.

Execute the following SQL to find any users with BYPASS RLS permissions:

select rolname from pg_roles where rolbypassrls = true;

If any of these users are not superusers that should bypass RLS, this is a finding.

Vulnerability Number

V-213619

Documentable

False

Rule Version

PPS9-00-007510

Severity Override Guidance

Review the system documentation and source code of the application(s) using the database.

If elevation of DBMS privileges is used but not documented, this is a finding.

If elevation of DBMS privileges is documented but not implemented as described in the documentation, this is a finding.

If the privilege-elevation logic can be invoked in ways other than intended, in contexts other than intended, or by subjects/principals other than intended, this is a finding.

Execute the following SQL to find any users with BYPASS RLS permissions:

select rolname from pg_roles where rolbypassrls = true;

If any of these users are not superusers that should bypass RLS, this is a finding.

Check Content Reference

M

Target Key

3988

Comments