1.3 Disable MySQL Command History

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


On Linux/UNIX, the MySQL client logs statements executed interactively to a history file. By default, this file is named .mysql_history in the user's home directory. Most interactive commands run in the MySQL client application are saved to a history file. The MySQL command history should be disabled.
NOTE : Nessus has not performed this query, and this check is only provided for informational purposes.


Perform the following steps to remediate this setting:
1. Remove .mysql_history if it exists.
2. Use either of the techniques below to prevent it from being created again:
1. Set the MYSQL_HISTFILE environment variable to /dev/null. This will need to be placed in the shell's startup script.
2. Create $HOME/.mysql_history as a symbolic to /dev/null.
> ln -s /dev/null $HOME/.mysql_history

See Also