5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users

Information

The FILE privilege is used to allow or disallow a user from reading and writing files on the server host. Any user with the FILE right granted has the ability to:

Read files from the local file system that are readable by the MySQL server (this includes world-readable files).

Write files to the local file system where the MySQL server has write access.

Rationale:

The FILE right allows MySQL users to read files from disk and to write files to disk. This may be leveraged by an attacker to further compromise MySQL. It should be noted that the MySQL server should not overwrite existing files.

Solution

Perform the following steps to remediate this setting:

Enumerate the non-administrative users found in the result set of the audit procedure.

For each user, issue the following SQL statement (replace <user> with the non-administrative user):

REVOKE FILE ON *.* FROM '<user>';

See Also

https://workbench.cisecurity.org/files/3844