O112-BP-023600 - Only authorized system accounts must have the SYSTEM tablespace specified as the default tablespace - default tablespace

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The Oracle SYSTEM tablespace is used by the database to store all DBMS system objects. Other use of the system tablespace may compromise system availability and the effectiveness of host system access controls to the tablespace files.

Solution

Create and dedicate tablespaces to support only one application.

Do not share tablespaces between applications.

Do not grant quotas to application object owners on tablespaces not dedicated to their associated application.

Run the queries:

alter database default tablespace <tablespace_name>;
alter database default temporary tablespace <temporary_tablespace_name>;

alter user <username> default tablespace <tablespace_name> temporary tablespace <temporary_tablespace_name>;

Replace <username> with the named user account.
Replace <tablespace_name> with the new default tablespace name.
Replace <temporary_tablespace_name> with the new default temporary tablespace name (typically TEMP).
Repeat the 'alter user' for each affected user account.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11-2g_V2R3_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000366, Rule-ID|SV-219719r401224_rule, STIG-ID|O112-BP-023600, STIG-Legacy|SV-68249, STIG-Legacy|V-54009, Vuln-ID|V-219719

Plugin: OracleDB

Control ID: 1638aa43e6d3b02d152706505c0beb7a78e10326523678eecf685781447c6d22