SV-224193r508023_rule
V-224193
SRG-APP-000342-DB-000302
EP11-00-007500
CAT II
10
Determine where, when, how, and by what principals/subjects elevated privilege is needed.
Modify the system and the application(s) using the database to ensure privilege elevation is used only as required.
To alter a function to use SECURITY INVOKER instead of SECURITY DEFINER, execute the following SQL:
ALTER FUNCTION <function()> SECURITY INVOKER;
Review the system documentation and source code of the application(s) using the database.
If elevation of DBMS privileges is used but not documented, this is a finding.
If elevation of DBMS privileges is documented but not implemented as described in the documentation, this is a finding.
If the privilege-elevation logic can be invoked in ways other than intended, in contexts other than intended, or by subjects/principals other than intended, this is a finding.
Execute the following SQL to find any SECURITY DEFINER functions (meaning they are executed as owner rather than invoker):
select proname from pg_proc where prosecdef = true;
If any of these functions should not be SECURITY DEFINER, this is a finding.
V-224193
False
EP11-00-007500
Review the system documentation and source code of the application(s) using the database.
If elevation of DBMS privileges is used but not documented, this is a finding.
If elevation of DBMS privileges is documented but not implemented as described in the documentation, this is a finding.
If the privilege-elevation logic can be invoked in ways other than intended, in contexts other than intended, or by subjects/principals other than intended, this is a finding.
Execute the following SQL to find any SECURITY DEFINER functions (meaning they are executed as owner rather than invoker):
select proname from pg_proc where prosecdef = true;
If any of these functions should not be SECURITY DEFINER, this is a finding.
M
4107