Document Type | Technical Information
Category | Security
Applicable Product Versions | Tibero6, Tibero7
Document Number | TSETI017
Overview
| Category | Inspection Item | Importance | Code |
|---|---|---|---|
| Option Management | Adjust so that the Role of application program or DBA accounts is not set to Public | High | D-08 |
| Set OS ROLES, REMOTE_OS_AUTHENTICATION, REMOTE_OS_ROLES to FALSE | High | D-09 | |
| Password verification function is set and applied | Medium | D-19 | |
| Restriction of Unauthorized Object Owners | Low | D-20 | |
| Restriction on use of unauthorized GRANT OPTION | Medium | D-21 | |
| Set database resource limit function to TRUE | Low | D-22 |
This document describes the security vulnerability mitigation measures for the "Option Management - Restriction of Unauthorized Object Owners (D-20)" item.
Inspection Contents and Purpose
- Check whether Object Owners exist only for authorized accounts.
- If Object Owners exist for unauthorized users, remove them.
Inspection Criteria
| Criteria | Details |
|---|---|
| Good | Object Owners are limited to SYS, SYSTEM, administrator accounts, etc. |
| Vulnerable | Object Owners exist for general users as well |
Precautions Before Action
Check Basic Account List
The basic accounts created when installing Tibero are as follows. There are accounts added or removed depending on the DB version.
| Account Name | Password | Remarks |
| SYS | tibero | Account cannot be deleted DBA privileges required |
| SYSCAT | syscat | Account cannot be deleted |
| SYSGIS | sysgis | Account cannot be deleted |
| OUTLN | outln | Account cannot be deleted |
| TIBERO | tmax | Account can be deleted |
| TIBERO1 | tmax | Account can be deleted Does not exist from version T7 and above |
| SYSBACKUP | tibero | Account cannot be deleted Exists from some versions of T6FS07 (patch 301647 available) and T7 and above |
| LBACSYS | lbacsys | Account cannot be deleted Exists from version T7 and above |
Check Connected Systems
It is necessary to check the DB accounts used in connected systems in advance.
Method
Configuration
- Before work, check whether unauthorized object owners exist
set pages 999
set lines 400
col grantee for a20
col owner for a20
col table_name for a30
col grantor for a20
col privilege for a20
col grantable for a30
select * from dba_tbl_privs where GRANTEE not in ('PUBLIC','SYS','SYSCAT','SYSGIS','OUTLN','SYSBACKUP','LBACSYS','HS_ADMIN_ROLE','SELECT_CATALOG_ROLE');
GRANTEE OWNER TABLE_NAME GRANTOR PRIVILEGE GRANTABLE
-------------------- -------------------- ------------------------------ -------------------- -------------------- ------------------------------
P_TEST SYS V$SQLTEXT SYS SELECT NO
1 row selected.
- Revoke privileges
REVOKE [PRIVILEGE] on [OWNER].[TABLE_NAME] FROM [GRANTEE]; ex) REVOKE SELECT ON SYS.V$SQLTEXT FROM P_TEST;
- After work, check whether unauthorized object owners exist
set pages 999
set lines 400
col grantee for a20
col owner for a20
col table_name for a30
col grantor for a20
col privilege for a20
col grantable for a30
select * from dba_tbl_privs where GRANTEE not in ('PUBLIC','SYS','SYSCAT','SYSGIS','OUTLN','SYSBACKUP','LBACSYS','HS_ADMIN_ROLE','SELECT_CATALOG_ROLE');
0 row selected.
Restoration
- Grant privileges
GRANT [PRIVILEGE] on [OWNER].[TABLE_NAME] TO [GRANTEE]; ex) grant select on sys.v$sqltext to p_test;