2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'

Information

The remote_os_roles setting permits remote users' OS roles to be applied to database management. This setting should have a value of FALSE.

Rationale:

Allowing remote clients OS roles to have permissions for database management could cause privilege overlaps and generally weaken security.

Solution

To remediate this setting, execute the following SQL statement.

ALTER SYSTEM SET REMOTE_OS_ROLES = FALSE SCOPE = SPFILE;

See Also

https://workbench.cisecurity.org/benchmarks/13413

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-2, CSCv6|16, CSCv7|16.2

Plugin: OracleDB

Control ID: bb7055375ddf8a5f3f3bc2a8b18c8944c7069f37e6ffa0bba8923d1e4bb6a406