7.2 Ensure that database file permissions are set correctly

Information

MongoDB database files need to be protected using file permissions.

Rationale:

This will restrict unauthorized users from accessing the database.

Solution

Set ownership of the database file to mongodb user and remove other permissions using the following commands:

chmod 770 /var/lib/mongodb
sudo chown mongodb:mongodb /var/lib/mongodb

Default Value:

Not configured

See Also

https://workbench.cisecurity.org/files/3560

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|14.6

Plugin: Unix

Control ID: 04f37b01046aa481da6511e9426c64f526a0e1b8b5d24fcc5ce26b2d83b89b1a