Detections
Analytics

CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS on Linux Unix

Audit Details

Name: CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS on Linux Unix

Updated: 3/30/2026

Authority: CIS

Plugin: Unix

Revision: 1.0

Estimated Item Count: 23

File Details

Filename: CIS_MariaDB_10.11_v1.0.0_L2_MariaDB_RDBMS_on_Linux_Unix.audit

Size: 65.8 kB

MD5: 939b6f941a3221eb6f82d0283d78adde
SHA256: b4675b6b0aa6595f8c8fb3fa1f917e10281dd165013f78d908034b9885d61b3a

Audit Items

DescriptionCategories
1.1 Place Databases on Non-System Partitions

SYSTEM AND COMMUNICATIONS PROTECTION

1.2 Use Dedicated Least Privileged Account for MariaDB Daemon/Service

ACCESS CONTROL, MEDIA PROTECTION

1.3 Disable MariaDB Command History

MEDIA PROTECTION

1.4 Verify That the MYSQL_PWD Environment Variable is Not in Use

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.5 Ensure Interactive Login is Disabled

ACCESS CONTROL

1.6 Verify That 'MYSQL_PWD' is Not Set in Users' Profiles

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

1.7 Ensure MariaDB is Run Under a Sandbox Environment

SYSTEM AND COMMUNICATIONS PROTECTION

2.3 Do Not Specify Passwords in the Command Line

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.5 Ensure Non-Default, Unique Cryptographic Material is in Use

SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ensure 'datadir' Has Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.3 Ensure 'log_error' Has Appropriate Permissions

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

3.4 Ensure 'slow_query_log' Has Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.6 Ensure 'general_log_file' Has Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.7 Ensure SSL Key Files Have Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.8 Ensure Plugin Directory Has Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.9 Ensure 'server_audit_file_path' Has Appropriate Permissions

ACCESS CONTROL, MEDIA PROTECTION

3.10 Ensure File Key Management Encryption Plugin files have appropriate permissions

ACCESS CONTROL, MEDIA PROTECTION

4.3 Ensure 'allow-suspicious-udfs' is Set to 'OFF'

PLANNING, SYSTEM AND SERVICES ACQUISITION

4.5 Ensure mariadb is Not Started With 'skip-grant-tables'

ACCESS CONTROL, MEDIA PROTECTION

7.2 Ensure Passwords are Not Stored in the Global Configuration

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

CIS_MariaDB_10.11_v1.0.0_L2_MariaDB_RDBMS_on_Linux_Unix.audit from CIS MariaDB 10.11 v1.0.0