4.8 Ensure the 'secure_file_priv' is Configured Correctly

Information

The secure_file_priv option restricts to paths used by LOAD DATA INFILE or SELECT local_file. It is recommended that this option be set to a file system location that contains only resources expected to be loaded by MySQL. Even better, if data import/export using LOAD DATA INFILE or SELECT local_file is not used, the functionality should be disabled entirely by setting --secure-file-priv to NULL.

Rationale:

Setting secure_file_priv reduces an attacker's ability to read sensitive files off the affected server via a SQL injection vulnerability.

Impact:

Solutions that rely on loading data from various sub-directories may be negatively impacted by this change. Consider consolidating load directories under a common parent directory.

The server checks the value of secure_file_priv at startup and writes a warning to the error log if the value is insecure. A non-NULL value is considered insecure if it is empty, or the value is the data directory or a subdirectory of it, or a directory that is accessible by all users.

Solution

If you are not going to use this feature, remove secure_file_priv from the [mysqld] section of the MySQL configuration file and restart the MySQL service.

If you need this feature add the following line to the [mysqld] section of the MySQL configuration file and restart the MySQL service:

secure_file_priv=<path_to_load_directory>

Default Value:

Prior to 5.6.34 - empty string Starting with 5.6.34 - Varies by platform.

See Also

https://workbench.cisecurity.org/files/3859

Item Details

Category: ACCESS CONTROL, MEDIA PROTECTION

References: 800-53|AC-3, 800-53|AC-5, 800-53|AC-6, 800-53|MP-2, CSCv7|13

Plugin: MySQLDB

Control ID: bfbdd84f5cf34f1ba9591d3e50fcae80f2e97e1eed26534c1fa1503f82c90b9c