STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-213626r508024_rule
V-213626
SRG-APP-000380-DB-000360
PPS9-00-008500
CAT II
10
Configure EDB PPAS to enforce access restrictions associated with changes to the configuration of the EDB Postgres database(s).
Review the security configuration of the EDB Postgres database(s).
If unauthorized users can start the SQL Server Configuration Manager or SQL Server Management Studio, this is a finding.
If EDB Postgres does not enforce access restrictions associated with changes to the configuration of the database(s), this is a finding.
- - - - -
To assist in conducting reviews of permissions, the following psql commands describe permissions of databases, schemas, and users:
\l
\dn+
\du
Permissions of concern in this respect include the following, and possibly others:
- any user with SUPERUSER privileges
- any database or schema with "C" (create) or "w" (update) privileges that are not necessary
V-213626
False
PPS9-00-008500
Review the security configuration of the EDB Postgres database(s).
If unauthorized users can start the SQL Server Configuration Manager or SQL Server Management Studio, this is a finding.
If EDB Postgres does not enforce access restrictions associated with changes to the configuration of the database(s), this is a finding.
- - - - -
To assist in conducting reviews of permissions, the following psql commands describe permissions of databases, schemas, and users:
\l
\dn+
\du
Permissions of concern in this respect include the following, and possibly others:
- any user with SUPERUSER privileges
- any database or schema with "C" (create) or "w" (update) privileges that are not necessary
M
3988