Defined Type: ora_secured::controls::oracle_remote_os_authent_parameter_must_be_set_to_false
- Defined in:
- manifests/controls/oracle_remote_os_authent_parameter_must_be_set_to_false.pp
Summary
From SQL*Plus:Overview
ora_secured::controls::oracle_remote_os_authent_parameter_must_be_set_to_false
select value from v$parameter where name = ‘remote_os_authent’;
If the value returned does not equal FALSE, this is a finding.
Document remote OS authentication in the System Security Plan.
If not required or not mitigated to an acceptable level, disable remote OS authentication.
alter system set remote_os_authent = FALSE scope = spfile;
The above SQL*Plus command will set the parameter to take effect at next system startup.
## Skipping
To deliberately skip this control (e.g. meaning don’t use Puppet to enforce this setting), we provide you with three ways:
1) Add ‘ora_secured::controls::oracle_remote_os_authent_parameter_must_be_set_to_false: skip` to your hiera data. This will skip this control for ALL databases. 2) Add `ora_secured::controls::oracle_remote_os_authent_parameter_must_be_set_to_false::dbname: skip` to your hiera data. This will skip this control for specified database only. 3) Add an entry with the content `oracle_remote_os_authent_parameter_must_be_set_to_false` to the array value `ora_secured::skip_list` in your hiera data.
## Benchmarks
This control is used in the following benchmarks:
-
[Oracle Database 12c CIS V1](/docs/ora_secured/stig/db12c_V1.html) - id V-61425
See the file “LICENSE” for the full license governing this code.
46 47 48 49 50 51 52 53 |
# File 'manifests/controls/oracle_remote_os_authent_parameter_must_be_set_to_false.pp', line 46
define ora_secured::controls::oracle_remote_os_authent_parameter_must_be_set_to_false
{
ora_secured_setup { "oracle_remote_os_authent_parameter_must_be_set_to_false on ${title}":
ensure => 'present',
}
alert('Specified STIG control is not yet automatically enforced.')
}
|