Ensure Data Cluster Initialized Successfully
Details First time installs of PostgreSQL requires the instantiation of the database cluster. A database cluster is a collection of...
- Home
- Security Hardening
- CIS PostgreSQL 10 OS V1.0.0
CIS PostgreSQL 10 OS V1.0.0
Ensure excessive function privileges are revoked
Details In certain situations, to provide required functionality, PostgreSQL needs to execute internal logic (stored procedures, functions, triggers, etc.) and/or...Ensure FIPS 140-2 OpenSSL Cryptography Is Used – fips_enabled
Details Install, configure, and use OpenSSL on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL. This...Ensure FIPS 140-2 OpenSSL Cryptography Is Used – openssl version
Details Install, configure, and use OpenSSL on a platform that has a NIST certified FIPS 140-2 installation of OpenSSL. This...Ensure Installation of Binary Packages
Details The PostgreSQL packages are installed on the Operating System from valid source. Rationale: Standard Linux distributions, although possessing the...Ensure Installation of Community Packages
Details Adding, and installing, the PostgreSQL community packages to the host’s package repository. Rationale: It’s an unfortunate reality that Linux...Ensure login via ‘host’ TCP/IP Socket is configured correctly
Details A large number of authentication METHODs are available for hosts connecting using TCP/IP sockets, including: * trust * reject...Ensure login via ‘local’ UNIX Domain Socket is configured correctly
Details A remote host login, via ssh, is arguably the most secure means of remotely accessing and administering the PostgreSQL...Ensure packages are obtained from authorized repositories
Details When obtaining and installing software packages (typically via yum), it’s imperative that packages are sourced only from valid and...Ensure sudo is configured correctly
Details It is common to have more than one authorized individual administering the PostgreSQL service at the Operating System level....