7.1 Ensure that key file permissions are set correctly

Information

The key file is used for authentication in the sharded cluster. Implementing proper file permissions on the key file will prevent unauthorized access to it.
Rationale:
Protecting the key file strengthens authentication in the sharded cluster and prevents unauthorized access to the MongoDB database.

Solution

Set the keyFile ownership to mongodb user and remove other permissions by executing these commands:
chmod 600 /keyfile
sudo chown mongodb:mongodb /keyfile


Default Value:
Not configured

See Also

https://workbench.cisecurity.org/files/1705

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|16.14

Plugin: Unix

Control ID: 02accde7864b1607d12840082989ffa4bb1ac9234c5f183d60602d41d4c2037f