3.4 Ensure 'slow_query_log' Has Appropriate Permissions and Ownership

Information

Limiting the accessibility of these objects will protect the confidentiality, integrity, and availability of the MySQL logs.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Execute the following command for each log file location requiring corrected permissions: chmod 660 <log file> chown mysql:mysql <log file> Impact: Changing the permissions of the log files might impact monitoring tools which use a logfile adapter. Also the slow query log can be used for performance analysis by application developers.

See Also

https://workbench.cisecurity.org/files/1619