The DBMS must maintain a separate execution domain for each executing process.

From Database Security Requirements Guide

Part of SRG-APP-000431-DB-000388

Associated with: CCI-002530

SV-72603r1_rule The DBMS must maintain a separate execution domain for each executing process.

Vulnerability discussion

Database management systems can maintain separate execution domains for each executing process by assigning each process a separate address space. Each process has a distinct address space so that communication between processes is controlled through the security functions, and one process cannot modify the executing code of another process. Maintaining separate execution domains for executing processes can be achieved, for example, by implementing separate address spaces.

Check content

Review the DBMS architecture to find out if and how it protects the private resources of one process (such as working memory, temporary tables, uncommitted data and, especially, executable code) from unauthorized access or modification by another user or process. If it is not capable of maintaining a separate execution domain for each executing process, this is a finding. If the DBMS is capable of maintaining a separate execution domain for each executing process, but is configured not to do so, this is a finding.

Fix text

Deploy a DBMS capable of maintaining a separate execution domain for each executing process. If this is a configurable feature, configure the DBMS to implement it.
