Skip to content
Log In

MariaDB Enterprise 10.x Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000296-DB-000306

    Group
    Show

  • MariaDB must provide logout functionality to allow the user to manually terminate a session initiated by that user.

    If a user cannot explicitly end a DBMS session, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. Such logout may be explicit or implicit. Examp...
    Rule Medium Severity
    Show

  • SRG-APP-000311-DB-000308

    Group
    Show

  • SRG-APP-000313-DB-000309

    Group
    Show

  • SRG-APP-000314-DB-000310

    Group
    Show

  • SRG-APP-000328-DB-000301

    Group
    Show

  • MariaDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects, and objects.

    Discretionary Access Control (DAC) is based on the notion that individual users are owners of objects and therefore have discretion over who should be authorized to access the object and in which m...
    Rule Medium Severity
    Show

  • SRG-APP-000340-DB-000304

    Group
    Show

  • MariaDB must prevent nonprivileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

    Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges. System d...
    Rule Medium Severity
    Show

  • SRG-APP-000342-DB-000302

    Group
    Show

  • SRG-APP-000357-DB-000316

    Group
    Show

  • SRG-APP-000359-DB-000319

    Group
    Show

  • SRG-APP-000360-DB-000320

    Group
    Show

  • MariaDB must provide an immediate real-time alert to appropriate support staff of all audit failure events requiring real-time alerts.

    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impe...
    Rule Medium Severity
    Show

  • SRG-APP-000374-DB-000322

    Group
    Show

  • MariaDB must record time stamps, in audit records and application data, that can be mapped to Coordinated Universal Time (UTC, formerly GMT).

    If time stamps are not consistently applied and there is no common time reference, it is difficult to perform forensic analysis. Time stamps generated by MariaDB must include date and time. Time i...
    Rule Medium Severity
    Show

  • SRG-APP-000378-DB-000365

    Group
    Show

  • SRG-APP-000380-DB-000360

    Group
    Show

  • MariaDB must enforce access restrictions associated with changes to the configuration of MariaDB or database(s).

    Failure to provide logical access restrictions associated with changes to configuration may have significant effects on the overall security of the system. When dealing with access restrictions p...
    Rule Medium Severity
    Show

  • SRG-APP-000381-DB-000361

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules