SV-224173r508023_rule
V-224173
SRG-APP-000516-DB-000363
EP11-00-004850
CAT II
10
Remove any password files present on the server and implement a more secure form of authentication.
The DoD standard for authentication is DoD-approved PKI certificates.
Check DBMS settings to determine whether a password file is being used.
On Windows the default file name and location is:
%APPDATA%\postgresql\pgpass.conf (where %APPDATA% refers to the Application Data subdirectory in the user's profile).
Alternatively, a password file can be specified using the connection parameter passfile or the environment variable PGPASSFILE.
If a password file exists, this is a finding.
If a password file is not in use, this is not a finding.
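The check above can be scripted. The following PowerShell is an added example, not part of the STIG text. It assumes user profiles sit under the default `Users` directory on the system drive and that `%APPDATA%` resolves to `AppData\Roaming` in each profile; the function name `Get-PgPassFileFinding` is hypothetical.

```powershell
# Added example: audit a Windows host for PostgreSQL client password files.
# Only paths are reported; file contents are never read.
function Get-PgPassFileFinding {
    [CmdletBinding()]
    param(
        # Assumption: profiles live under <SystemDrive>\Users.
        [string]$ProfileRoot = (Join-Path $env:SystemDrive 'Users')
    )

    $findings = New-Object System.Collections.Generic.List[object]

    # 1. Default location: %APPDATA%\postgresql\pgpass.conf in each profile.
    Get-ChildItem -Path $ProfileRoot -Directory -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $candidate = Join-Path $_.FullName 'AppData\Roaming\postgresql\pgpass.conf'
            if (Test-Path -LiteralPath $candidate -PathType Leaf) {
                $findings.Add([pscustomobject]@{
                    Source = "Default location ($($_.Name))"
                    Path   = $candidate
                    Exists = $true
                })
            }
        }

    # 2. PGPASSFILE at process, user and machine scope.
    foreach ($scope in 'Process', 'User', 'Machine') {
        $value = [Environment]::GetEnvironmentVariable('PGPASSFILE', $scope)
        if ($value) {
            $expanded = [Environment]::ExpandEnvironmentVariables($value)
            $findings.Add([pscustomobject]@{
                Source = "PGPASSFILE ($scope)"
                Path   = $expanded
                Exists = (Test-Path -LiteralPath $expanded -PathType Leaf)
            })
        }
    }

    # The passfile connection parameter is set in application connection
    # strings, which this script cannot see; review those separately.
    return $findings
}

$result = Get-PgPassFileFinding
if ($result) { $result | Format-Table -AutoSize }
if ($result | Where-Object Exists) {
    Write-Output 'FINDING: a PostgreSQL password file exists.'
} else {
    Write-Output 'NOT A FINDING: no password file found in the checked locations.'
}
```

Run it from an elevated session so that every user profile is readable; a `PGPASSFILE` entry with `Exists` set to `False` points at a file that is not present.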