Test ID:	1.3.6.1.4.1.25623.1.0.150374
Category:	Policy
Title:	openGauss: Enabling the Separation of Duties
Summary:	If the parameter enableSeparationOfDuty is set to on, the separation of duties is;enabled to control system administrator permissions. In this mode, system;administrators cannot create or modify user configurations or access data in;private users' schemas. In this way, system administrators' access to private data is;controlled. You are advised to disable the GUC parameter;enable_copy_server_files to control the COPY permission of the system;administrator, preventing the system administrator from reading or modifying the;user configuration file using the copy command.;For details about the separation of duties, see the Administrator Guide.
Description:	Summary: If the parameter enableSeparationOfDuty is set to on, the separation of duties is enabled to control system administrator permissions. In this mode, system administrators cannot create or modify user configurations or access data in private users' schemas. In this way, system administrators' access to private data is controlled. You are advised to disable the GUC parameter enable_copy_server_files to control the COPY permission of the system administrator, preventing the system administrator from reading or modifying the user configuration file using the copy command. For details about the separation of duties, see the Administrator Guide. CVSS Score: 0.0 CVSS Vector: AV:L/AC:H/Au:S/C:N/I:N/A:N
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.