2.2.4 Ensure 'OS_ROLES' Is Set to 'FALSE'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The os_roles setting permits externally created groups to be applied to database management.

Rationale:

Allowing the OS to use external groups for database management could cause privilege overlaps and generally weaken security.

Solution

To remediate this setting, execute the following SQL statement.

ALTER SYSTEM SET OS_ROLES = FALSE SCOPE = SPFILE;

See Also

https://workbench.cisecurity.org/files/4252