STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 23 Oct 2020

The EDB Postgres Advanced Server must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status.

DISA Rule

SV-213625r508024_rule

Vulnerability Number

V-213625

Group Title

SRG-APP-000378-DB-000365

Rule Version

PPS9-00-008400

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Document and obtain approval for any non-administrative users who require the ability to create, alter, or replace logic modules.

Implement the approved permissions. Revoke (or deny) any unapproved permissions and remove any unauthorized role memberships.

Check Contents

If EDB Postgres supports only software development, experimentation, and/or developer-level testing (that is, excluding production systems, integration testing, stress testing, and user acceptance testing), this is not a finding.

Review the EDB Postgres security settings with respect to non-administrative users' ability to create, alter, or replace logic modules, including but not limited to stored procedures, functions, triggers, and views. These psql commands help show the existing permissions on databases and schemas:

\l
\dn+

If any such permissions exist and are not documented and approved, this is a finding.
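
The \l and \dn+ listings show raw ACL strings that still have to be read role by role. The query below is an added example, not part of the STIG text: it lists every non-superuser role that effectively holds CREATE on a database or schema and is missing from an approval list. The role name app_deployer is a constructed placeholder for your site's documented, approved roles.

```sql
-- Added example (not from the STIG). Run once in each database, because
-- pg_namespace only lists the schemas of the database you are connected to.
WITH approved_creators(rolname) AS (
    -- Constructed placeholder: replace with the documented, approved roles.
    VALUES ('app_deployer')
),
candidates AS (
    SELECT r.oid, r.rolname
    FROM pg_roles r
    WHERE NOT r.rolsuper                    -- administrators are out of scope
      AND r.rolname NOT LIKE 'pg\_%'        -- skip built-in predefined roles
      AND r.rolname NOT IN (SELECT rolname FROM approved_creators)
)
-- CREATE on a database allows creating new schemas in it.
SELECT 'database' AS object_type,
       d.datname  AS object_name,
       c.rolname  AS role_name,
       'CREATE'   AS privilege
FROM candidates c
CROSS JOIN pg_database d
WHERE d.datallowconn
  AND has_database_privilege(c.oid, d.oid, 'CREATE')
UNION ALL
-- CREATE on a schema allows creating functions, procedures, views, etc. in it.
SELECT 'schema', n.nspname, c.rolname, 'CREATE'
FROM candidates c
CROSS JOIN pg_namespace n
WHERE n.nspname !~ '^pg_(toast|temp)'       -- ignore internal toast/temp schemas
  AND has_schema_privilege(c.oid, n.oid, 'CREATE')
ORDER BY 1, 2, 3;
```

has_database_privilege and has_schema_privilege report effective privileges, so rows also appear for roles that gain CREATE through a grant to PUBLIC, through role membership, or by owning the object. Each returned row is a permission to compare against the documented approvals.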

Documentable

False

Check Content Reference

M

Target Key

3988
