STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be owned by database/EDB Postgres Advanced Server principals authorized for ownership.

DISA Rule

SV-224158r508023_rule

Vulnerability Number

V-224158

Group Title

SRG-APP-000133-DB-000200

Rule Version

EP11-00-003500

Severity

CAT II

CCI(s)

CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

Fix Recommendation

Assign ownership of authorized objects to authorized object owner accounts by running this SQL command for each object to be changed:

ALTER <type> <object name> OWNER TO <new owner>;

For example: ALTER TABLE my_table OWNER TO APP_USER;

Check Contents

Review system documentation to identify accounts authorized to own database objects. Review accounts that own objects in the database(s) by running this SQL command:

select * from sys.all_objects;

If any database objects are found to be owned by users not authorized to own database objects, this is a finding.

Vulnerability Number

V-224158

Documentable

False

Rule Version

EP11-00-003500

Severity Override Guidance

Check Content Reference

Target Key

4107

Database objects (including but not limited to tables, indexes, storage, stored procedures, functions, triggers, links to software external to the EDB Postgres Advanced Server, etc.) must be owned by database/EDB Postgres Advanced Server principals authorized for ownership.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments