1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

As with any service installed on a host, it can be provided with its own user context. Providing a dedicated user to the service provides the ability to precisely constrain the service within the larger host context.

Solution

Create a user which is only used for running MySQL and directly related processes. This user must not have administrative rights to the system.

See Also

https://workbench.cisecurity.org/files/1623