STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017: STIGQter: STIG Summary: vRealize - Cassandra Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 05 Jun 2017:SV-87283r1_rule
V-72651
SRG-APP-000133-DB-000362
VROM-CS-000110
CAT II
10
Configure the Cassandra Server to restrict the role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the DBMS, etc.) to authorized users.
At the command line execute the following command:
# chown root <file>
Replace <file> with the files that are not owned by either "admin" or "root".
Review the Cassandra Server settings to ensure the role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the DBMS, etc.) are restricted to authorized users.
At the command prompt, execute the following command:
# find /usr/lib/vmware-vcops/cassandra -type f ! \( -user admin -o -user root \)
If any files are listed that are not owned by either "admin" or "root", this is a finding.
V-72651
False
VROM-CS-000110
Review the Cassandra Server settings to ensure the role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to the DBMS, etc.) are restricted to authorized users.
At the command prompt, execute the following command:
# find /usr/lib/vmware-vcops/cassandra -type f ! \( -user admin -o -user root \)
If any files are listed that are not owned by either "admin" or "root", this is a finding.
M
3179