7.2 Ensure that database file permissions are set correctly

Information

MongoDB database files need to be protected using file permissions.

Rationale:

This will restrict unauthorized users from accessing the database.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Set ownership of the database file to mongodb user and remove other permissions using the following commands:

chmod 660 /var/lib/mongodb

sudo chown mongodb:mongodb /var/lib/mongodb


Default Value:

Not configured

See Also

https://workbench.cisecurity.org/files/1725

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CSCv6|14.4

Plugin: Windows

Control ID: 4a7e5bd1d38dfd96ef092f54bac29f883b4aa310e35908708de2ca622975bbdf