SQL6-D0-000600 - SQL Server must protect against a user falsely repudiating by ensuring databases are not in a trust relationship.

Information

Non-repudiation of actions taken is required in order to maintain data integrity. Examples of particular actions taken by individuals include creating information, sending a message, approving information (e.g., indicating concurrence or signing a contract), and receiving a message.

Non-repudiation protects against later claims by a user of not having created, modified, or deleted a particular data item or collection of data in the database.

SQL Server provides the ability for high privileged accounts to impersonate users in a database using the TRUSTWORTHY feature. This will allow members of the fixed database role to impersonate any user within the database.

Solution

Disable trustworthy on the database.

ALTER DATABASE [<database name>] SET TRUSTWORTHY OFF

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_SQL_Server_2016_Y24M10_STIG.zip

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-10, CAT|II, CCI|CCI-000166, Rule-ID|SV-213904r960864_rule, STIG-ID|SQL6-D0-000600, STIG-Legacy|SV-93777, STIG-Legacy|V-79071, Vuln-ID|V-213904

Plugin: MS_SQLDB

Control ID: 2bf2e5b8a00212fd726d4408ce5256b108814b453b0ad838f9bfc32fd007ca5d