Rule ID
SV-261886r1000951_rule
Version
V1R2
CCIs
CCI-000381
Information systems are capable of providing a wide variety of functions and services. Some of the functions and services, provided by default, may not be necessary to support essential organizational operations (e.g., key missions, functions). It is detrimental for software products to provide, or install by default, functionality exceeding requirements or mission objectives. PostgreSQL must adhere to the principles of least functionality by providing only essential capabilities.
To get a list of all extensions installed, use the following commands: $ sudo su - postgres $ psql -c "select * from pg_extension where extname != 'plpgsql'" If any extensions exist that are not approved, this is a finding.
To remove extensions, use the following commands: $ sudo su - postgres $ psql -c "DROP EXTENSION <extension_name>" Note: Removal of plpgsql is not recommended.