Information
When configured to use a Keyring plugin, internal MySQL components and plugins may securely store sensitive information for later retrieval. Associated files for the selected keyring type should have proper permissions.
Rationale:
Limiting the accessibility of these objects will protect the confidentiality, integrity, and availability of internal MySQL component and plugin information.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
If no keyring plugin or keyring file plugin is configured, instructions for configuring a keyring plugin or keyring file plugin may found at:
KMIP - https://dev.mysql.com/doc/refman/5.7/en/keyring-okv-plugin.html#keyring-okv-configuration
AWS - https://dev.mysql.com/doc/refman/5.7/en/keyring-aws-plugin.html#keyring-aws-plugin-configuration
Execute the following command for each Keyring file location requiring corrected permissions:
chmod 750 <keyring file>
chown mysql:mysql <keyring file>