The XDB Protocol server should be uninstalled if not required and authorized for use.

From Oracle Database 11g Instance STIG

Part of Oracle XML DB

SV-24899r1_rule The XDB Protocol server should be uninstalled if not required and authorized for use.

Vulnerability discussion

The XML DB supports storage and retrieval of XML data objects in the Oracle Database. It requires the configuration of an Oracle shared-server dispatcher, which the Oracle listener activates and uses to pass HTTP XML requests. If this service is not required, it should be uninstalled.

Check content

From SQL*Plus:

  select count(*) from dba_users where username = 'XDB';
  select count(*) from v$parameter where name = 'dispatchers' and value like '%XDB%';

If a value of 0 is returned for either the first or the second SQL statement above, this is not a Finding.

If a value of 1 (or more) is returned for the second SQL statement, review the System Security Plan to verify that all XML DB dispatchers are authorized. If they are not, this is a Finding.
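The check above as one SQL*Plus script, added here as an example and not part of the STIG text: the first query reduces the two counts to a single verdict row, and the second lists each XDB dispatcher entry separately so it can be compared against the System Security Plan. The column aliases are illustrative, and the use of v$parameter2 for the per-entry listing is an addition that assumes the view is readable by the auditing account.

```sql
-- Added example (not from the STIG). Run in SQL*Plus with an account
-- that can read DBA_USERS, V$PARAMETER and V$PARAMETER2.
SET PAGESIZE 100 LINESIZE 200
COLUMN check_result FORMAT A30
COLUMN value        FORMAT A80

-- Both STIG queries combined into one verdict row.
-- Aliases xdb_user_count / xdb_dispatcher_count are illustrative.
SELECT u.xdb_user_count,
       d.xdb_dispatcher_count,
       CASE
         WHEN u.xdb_user_count = 0 OR d.xdb_dispatcher_count = 0
           THEN 'Not a Finding'
         ELSE 'Review System Security Plan'
       END AS check_result
FROM  (SELECT COUNT(*) AS xdb_user_count
       FROM   dba_users
       WHERE  username = 'XDB') u
CROSS JOIN
      (SELECT COUNT(*) AS xdb_dispatcher_count
       FROM   v$parameter
       WHERE  name = 'dispatchers'
       AND    value LIKE '%XDB%') d;

-- Evidence for the System Security Plan review: V$PARAMETER2 returns
-- each entry of a multi-valued parameter on its own row, so every XDB
-- dispatcher can be matched individually against its authorization.
SELECT ordinal, value
FROM   v$parameter2
WHERE  name = 'dispatchers'
AND    value LIKE '%XDB%'
ORDER  BY ordinal;
```

A 'Review System Security Plan' result is not itself a Finding; it becomes one only if a listed dispatcher lacks authorization in the plan.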

Fix text

If the database is authorized to support web services using XML over HTTP, then include documentation and authorization in the System Security Plan. If not authorized, uninstall XML DB per Oracle MetaLink Note 742014.1.
