2.2.8 Ensure 'REMOTE_OS_AUTHENT' Is Set to 'FALSE'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The remote_os_authent setting determines whether or not OS 'roles' with the attendant privileges are allowed for remote client connections. This setting should have a value of FALSE.

Note: This parameter has been deprecated in 12.1 and higher versions.

Rationale:

Permitting OS roles for database connections can allow the spoofing of connections and permit granting the privileges of an OS role to unauthorized users to make connections, this value should be restricted according to the needs of the organization.

Solution

To remediate this setting, execute the following SQL statement.

ALTER SYSTEM SET REMOTE_OS_AUTHENT = FALSE SCOPE = SPFILE;

See Also

https://workbench.cisecurity.org/files/2868