2.1.1 Ensure 'extproc' Is Not Present in 'listener.ora'

Information

extproc should be removed from the listener.ora to mitigate the risk that OS libraries can be invoked by the Oracle instance.

Rationale:

extproc allows the database to run procedures from OS libraries. These library calls can, in turn, run any OS command.

Solution

To remediate this recommendation:

Remove extproc from the listener.ora file.

See Also

https://workbench.cisecurity.org/benchmarks/11760

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CA-9, 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.2

Plugin: Unix

Control ID: fbd4e2953afad2e94db5ed1dbee67a5e41294e6c4e204f520548a0e6eab31848