DG0053-ORACLE11 - A single database connection configuration file should not be used to configure all database clients.

Information

Many sites distribute a single client database connection configuration file to all site database users that contains network access information for all databases on the site. Such a file provides information to access databases not required by all users that may assist in unauthorized access attempts.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Develop, document and implement procedures to distribute client connection definitions or definition files that contain only connection definitions authorized for that user or user workstation.

Include or note these procedures in the System Security Plan.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-24628r1_rule, STIG-ID|DG0053-ORACLE11, Vuln-ID|V-3809

Plugin: Unix

Control ID: 8cb5437d80165ff3da8d4a9ed7b74365817ba5cf2986513efc98e45eda96d55e