1.8 MYSQL_PWD

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The use of the MYSQL_PWD environment variable implies the clear text storage of MySQL credentials. Avoiding this may increase assurance that the confidentiality of MySQL credentials is preserved.

Solution

MySQL can read the database password from an environmental variable called MYSQL_PWD. Verify MYSQL_PWD environmental variable not used

See Also

https://workbench.cisecurity.org/files/1613

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1), CSCv6|16.13, CSCv6|16.14

Plugin: Unix

Control ID: 5ea6987b8298673c7c9ac50687efa2f1af0395ea9cf8b1faf94ef78bc0099aa7