DG0112-ORACLE11 - DBMS system data files should be stored in dedicated disk directories.

Information

DBMS system data files have different access control requirements than application data and log files. Granting access to system data files beyond those required for system operations could lead to a compromise of the DBMS integrity or disclosure of sensitive data.

Solution

Create a dedicated directory or dedicated subdirectories to store database instance files.

Reconfigure the Oracle instance to point to the files in the new locations.

Where feasible, locate database instance files on a dedicated disk partition and/or RAID device to provide additional protection.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, Rule-ID|SV-24419r1_rule, STIG-ID|DG0112-ORACLE11, Vuln-ID|V-15623

Plugin: OracleDB

Control ID: 04fdf2ae82ba215f7458d8365bbce9ec84cb1791e47e37af3e29ed63ad88f3d4