Home > OEM Alerts, Oracle Enterprise Manager > Security Policy Violations in OEM

Security Policy Violations in OEM

Found this four policy violations under ‘Security’ category in OEM:

1. EXECUTE UTL_FILE privileges to PUBLIC

Recommendation: Oracle recommends that you revoke EXECUTE privileges on powerful packages from PUBLIC

Violation Count:1 Details: Package ­UTL_FILE

Solution:

REVOKE EXECUTE ON UTL_FILE FROM PUBLIC;

Anyone that happens to get any userid and password on your database will be able to use UTL_FILE.

This may be legitimate, or it may be malicious – and you have absolutely no control over it if the package is granted to public.

For example, person A legitimately dumps confidential data (or has a comma-delimited spreadsheet with payroll info) in the UTL_FILE directory. Person B, a casual employee who is unhappy and about to be fired, happens to get access to the database because the demo user SCOTT is unlocked with password TIGER. Person B can now access the confidential data.

Oracle uses the ‘least privilege’ security principal. That means Oracle recommends several packages, such as UTL_FILE, be granted execute on a need-to-use basis instead of simply granting to public.

2. Excessive PUBLIC EXECUTE privileges

Recommendation: Oracle recommends that you revoke EXECUTE privileges on powerful packages from PUBLIC

Violation Count:4 Details: Package ­UTL_SMTP, ­DBMS_RANDOM, ­UTL_TCP, ­UTL_HTTP

Solution:

REVOKE EXECUTE ON UTL_SMTP FROM PUBLIC;
REVOKE EXECUTE ON DBMS_RANDOM FROM PUBLIC;­
REVOKE EXECUTE ON UTL_TCP­ FROM PUBLIC;
REVOKE EXECUTE ON UTL_HTTP FROM PUBLIC;

3. Well-known accounts Security

Recommendation: Oracle recommends that you to expire and lock well-known accounts

Violation Count:1 Details: Account­ OUTLN(open)

4. Default passwords Security

Recommendation: Oracle recommends that all default passwords be changed

Violation Count:1 Details: Account­OUTLN­

References:

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: