3.10 Ensure File Key Management Encryption Plugin files have appropriate permissions

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Certain Key Management Encryption plugins must store sensitive information in files for later retrieval. Such files should have proper permissions.


Limiting the accessibility of these files will protect the confidentiality, integrity, and availability of MariaDB plugin information and the data they protect.


If the File Key Management plugin is not configured, first implement recommendation 4.9 ('Enable data-at-rest encryption in MariaDB') from this benchmark.
Execute the following command for each file location requiring corrected permissions:

chmod 750 <file>
chown mysql:mysql <file>

See Also