The EMPDEMO databases, database objects, and applications must be removed.

An XCCDF Rule

Description

<VulnDiscussion>Demonstration and sample database objects and applications present publicly known attack points for malicious users. These demonstration and sample objects are meant to provide simple examples of coding specific functions, and are not developed to prevent vulnerabilities from being introduced to the DBMS and host system.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-251608r960963_rule
Severity: Low
References: CCI-000381
Updated: 17 days ago

In OCF/BCF, ALTER DMCL <dmclname> and EXCLUDE SEGMENT EMPDEMO, SQLDEMO and/or PROJDEMO. Generate, punch, and relink dmcl. Do the same for DBTABLE <dbtbname>.

Remove load modules EMPSS01, EMPDMCL, EMPLOAD, EMPRPT, and EMPINQ from installation load libraries.
                                                                                                                                                                                                                                                                                                                                        
Remove files <installation prefix>.EMPDEMO.EMPDEMO. <installation prefix>.EMPDEMO.INSDEMO, <installation prefix>.ORGDEMO.EMPDEMO, <installation prefix>.SQLDEMO.EMPLDEMO, <installation prefix>.SQLDEMO.INDXDEMO, <installation prefix>.SQLDEMO.INFODEMO, <installation prefix>.PROJSEG.PROJDEMO from installation and installation JCL.
Remove database demo objects from application dictionaries including EMPSCHM record elements and records, EMPSS01, and schemas DEMOEMPL and DEMOPROJ, dropping all the tables in theses schemas.                                                                                               

For future base installs, specify EMPDEMO=NO and SQLDEMO=NO for CAISAG installs and do not select CREATE_DB_DEMO and CREATE_SQL_DEMO fields on CSM installs.                                                                                                                                                                                                                                                                                                                                                                                           

Note that specified names are default names. Use modified names if they were changed during base installation.

The EMPDEMO databases, database objects, and applications must be removed.

Description

Remediation - Manual Procedure