PGS9-00-000700 – Privileges to change PostgreSQL software modules must be limited – shared objects
Details If the system were to allow any user to make changes to software libraries, those changes might be implemented...
- Home
- Security Hardening
- DISA STIG PostgreSQL 9.x On RHEL OS V2R2
DISA STIG PostgreSQL 9.x On RHEL OS V2R2
PGS9-00-000710 – PostgreSQL must limit privileges to change functions and triggers, and links to software external to PostgreSQL – config
Details If the system were to allow any user to make changes to software libraries, those changes might be implemented...PGS9-00-000710 – PostgreSQL must limit privileges to change functions and triggers, and links to software external to PostgreSQL – database
Details If the system were to allow any user to make changes to software libraries, those changes might be implemented...PGS9-00-000800 – If passwords are used for authentication, PostgreSQL must transmit only encrypted representations of passwords.
Details The DoD standard for authentication is DoD-approved PKI certificates. Authentication based on User ID and Password may be used...PGS9-00-000900 – PostgreSQL must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies – authentication
Details Authentication with a DoD-approved PKI certificate does not necessarily imply authorization to access PostgreSQL. To mitigate the risk of...PGS9-00-000900 – PostgreSQL must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies – role privileges
Details Authentication with a DoD-approved PKI certificate does not necessarily imply authorization to access PostgreSQL. To mitigate the risk of...PGS9-00-000900 – PostgreSQL must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies – table privileges
Details Authentication with a DoD-approved PKI certificate does not necessarily imply authorization to access PostgreSQL. To mitigate the risk of...PGS9-00-001100 – PostgreSQL must associate organization-defined types of security labels having organization-defined security label values with information in transmission.
Details Without the association of security labels to information, there is no basis for PostgreSQL to make security-related access-control decisions....PGS9-00-001300 – The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (functions, trigger procedures, links to software external to PostgreSQL, etc.) must be restricted to authorized users – s used to modify database structure and logic modules must be restricted to authorized users.
Details If PostgreSQL were to allow any user to make changes to database structure or logic, those changes might be...PGS9-00-003100 – Database objects (including but not limited to tables, indexes, storage, trigger procedures, functions, links to software external to PostgreSQL, etc.) must be owned by database/DBMS principals authorized for ownership – df+
Details Within the database, object ownership implies full privileges to the owned object, including the privilege to assign access to...