SV-233524r617333_rule
V-233524
SRG-APP-000180-DB-000115
CD12-00-001400
CAT II
10
To drop a role, as the database administrator (shown here as "postgres"), run the following SQL:
$ sudo su - postgres
$ psql -c "DROP ROLE <role_to_drop>"
To create a role, as the database administrator, run the following SQL:
$ sudo su - postgres
$ psql -c "CREATE ROLE <role name> LOGIN"
For the complete list of permissions allowed by roles, see the official documentation: https://www.postgresql.org/docs/current/static/sql-createrole.html
PostgreSQL uniquely identifies and authenticates PostgreSQL users through the use of DBMS roles.
To list all roles in the database, as the database administrator (shown here as "postgres"), run the following SQL:
$ sudo su - postgres
$ psql -c "\du"
If users are not uniquely identified per organizational documentation, this is a finding.
V-233524
False
CD12-00-001400
PostgreSQL uniquely identifies and authenticates PostgreSQL users through the use of DBMS roles.
To list all roles in the database, as the database administrator (shown here as "postgres"), run the following SQL:
$ sudo su - postgres
$ psql -c "\du"
If users are not uniquely identified per organizational documentation, this is a finding.
M
5254