2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'

Information

extproc should be removed from the listener.ora to mitigate the risk that OS libraries can be invoked by the Oracle instance.

Rationale:

extproc allows the database to run procedures from OS libraries. These library calls can, in turn, run any OS command.

Solution

To remediate this recommendation:

Remove extproc from the listener.ora file.

See Also

https://workbench.cisecurity.org/benchmarks/13413

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CA-9, 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.2

Plugin: Unix

Control ID: bd4cb2c96526edfe69bfdc02980fc7a7e4bda60eca2a78205aff2e150879a484