DoD STIGs – V-32234

Overview:

Title: DBMS processes or services must run under custom, dedicated OS accounts.

Vulnerability ID: V-32234

STIG ID:

IA Controls: None

Severity: medium

Description: Separation of duties is a prevalent Information Technology control that is implemented at different layers of the information system, including the operating system and in applications. It serves to eliminate or reduce the possibility that a single user may carry out a prohibited action. Separation of duties requires that the person accountable for approving an action is not the same person who is tasked with implementing or carrying out that action.

The DBMS must run under a custom dedicated OS account. When the DBMS is running under a shared account, users with access to that account could inadvertently or maliciously make changes to DBMS’s settings, files, or permissions.

Check Text: Check OS settings to determine whether DBMS processes are running under a dedicated OS account. If the DBMS processes are running under shared accounts, this is a finding.

Fix Text: Create a DBMS account dedicated to DBMS processes and allow only DBMS processes to run under the account.

[divider]

Interpreting V-32234:

Coming Soon!

Return to the DoD STIGs – Database Security Requirements Guide

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.