STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020: STIGQter: STIG Summary: EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:SV-224204r508023_rule
V-224204
SRG-APP-000389-DB-000372
EP11-00-008800
CAT II
10
Determine the organization-defined circumstances or situations that require re-authentication and ensure the following SQL is executed in those situations.
To require a single user to re-authenticate, use this SQL:
SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE user = '<username>';
To require all users to re-authenticate, use this SQL:
SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE user LIKE '%';
Determine all situations where a user must re-authenticate. Check if the mechanisms that handle such situations use the following SQL:
To make a single user re-authenticate, the following must be present:
SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE user='<username>'
To make all users re-authenticate, run the following:
SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE user LIKE '%'
If the provided SQL does not force re-authentication, this is a finding.
V-224204
False
EP11-00-008800
Determine all situations where a user must re-authenticate. Check if the mechanisms that handle such situations use the following SQL:
To make a single user re-authenticate, the following must be present:
SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE user='<username>'
To make all users re-authenticate, run the following:
SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE user LIKE '%'
If the provided SQL does not force re-authentication, this is a finding.
M
4107