3.8 Ensure Plugin Directory Has Appropriate Permissions

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


The plugin directory is the location of the MariaDB plugins. Plugins are storage engines or user defined functions (UDFs).


Limiting the accessibility of these objects will protect the confidentiality, integrity, and availability of the MariaDB database. If someone can modify plugins then these plugins might be loaded when the server starts and the code will get executed.


Users other than the MariaDB user will no longer be able to update and add/remove plugins unless they're able to switch to the MariaDB user.


To remediate these settings, execute the following commands at a terminal prompt using the plugin_dir Value from the audit procedure. MariaDB server must not be allowed to write to this location.

chmod 550 <plugin_dir Value> #(or use 554)
chown mysql:mysql <plugin_dir Value>

See Also