From EDB Postgres Advanced Server Security Technical Implementation Guide
Part of SRG-APP-000342-DB-000302
Associated with: CCI-002233
In certain situations, to provide required functionality, a DBMS needs to execute internal logic (stored procedures, functions, triggers, etc.) and/or external code modules with elevated privileges. However, if the privileges required for execution are at a higher level than the privileges assigned to organizational users invoking the functionality applications/programs, those users are indirectly provided with greater privileges than assigned by organizations.
Review the system documentation and source code of the application(s) using the database. If elevation of DBMS privileges is used but not documented, this is a finding. If elevation of DBMS privileges is documented but not implemented as described in the documentation, this is a finding. If the privilege-elevation logic can be invoked in ways other than intended, in contexts other than intended, or by subjects/principals other than intended, this is a finding. Execute the following SQL to find any users with BYPASS RLS permissions: select rolname from pg_roles where rolbypassrls = true; If any of these users are not superusers that should bypass RLS, this is a finding.
Determine where, when, how, and by what principals/subjects elevated privilege is needed.
Modify the system and the application(s) using the database to ensure privilege elevation is used only as required.
To alter a user to not allow bypassing RLS, execute the following SQL:
ALTER USER
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer