CIS MySQL 5.6 Linux OS L1 v1.1.0

Audit Details

Name: CIS MySQL 5.6 Linux OS L1 v1.1.0

Updated: 4/25/2022

Authority: CIS

Plugin: Unix

Revision: 1.12

Estimated Item Count: 28

File Details

Filename: CIS_MySQL_5.6_Community_Benchmark_v1.1.0_OS_UNIX_L1.audit

Size: 45.9 kB

MD5: 74102b75b2dee8b14bc3723afa562f90
SHA256: 8df077aea1a049100660ca8283b4dd5eb59272ddcf2563f3b80d336cc9088c6a

Audit Items

DescriptionCategories
1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service

ACCESS CONTROL

1.4 Verify That the MYSQL_PWD Environment Variables Is Not In Use

IDENTIFICATION AND AUTHENTICATION

1.6 Verify That 'MYSQL_PWD' Is Not Set In Users' Profiles - .bash_profile

IDENTIFICATION AND AUTHENTICATION

1.6 Verify That 'MYSQL_PWD' Is Not Set In Users' Profiles - .bashrc

IDENTIFICATION AND AUTHENTICATION

1.6 Verify That 'MYSQL_PWD' Is Not Set In Users' Profiles - .profile

IDENTIFICATION AND AUTHENTICATION

2.3 Do Not Specify Passwords in Command Line
3.1 Ensure 'datadir' Has Appropriate Permissions
3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions
3.3 Ensure 'log_error' Has Appropriate Permissions
3.4 Ensure 'slow_query_log' Has Appropriate Permissions
3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions
3.6 Ensure 'general_log_file' Has Appropriate Permissions
3.7 Ensure SSL Key Files Have Appropriate Permissions
3.8 Ensure Plugin Directory Has Appropriate Permissions
4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables'
4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - @[email protected]

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - /etc/my.cnf

ACCESS CONTROL

4.5 Ensure 'mysqld' Is Not Started with '--skip-grant-tables' - /etc/mysql/my.cnf

ACCESS CONTROL

6.5 Ensure 'log-raw' Is Set to 'OFF' - @[email protected]

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - @[email protected] failed
6.5 Ensure 'log-raw' Is Set to 'OFF' - /etc/my.cnf

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - /etc/mysql/my.cnf

CONFIGURATION MANAGEMENT

6.5 Ensure 'log-raw' Is Set to 'OFF' - config files not found
7.3 Ensure Passwords Are Not Stored in the Global Configuration
7.3 Ensure Passwords Are Not Stored in the Global Configuration - @[email protected]/my.cnf

IDENTIFICATION AND AUTHENTICATION

7.3 Ensure Passwords Are Not Stored in the Global Configuration - /etc/my.cnf

IDENTIFICATION AND AUTHENTICATION

7.3 Ensure Passwords Are Not Stored in the Global Configuration - /etc/mysql/my.cnf

IDENTIFICATION AND AUTHENTICATION

MySQL 5.6 Community Edition is installed

CONFIGURATION MANAGEMENT