4.3 Ensure 'allow-suspicious-udfs' Is Set to 'FALSE' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Preventing shared libraries that do not contain user-defined functions from loading will reduce the attack surface of the server.

Solution

Perform the following to establish the recommended state: Remove --allow-suspicious-udfs from the mysqld start up command line. Remove allow-suspicious-udfs from the MySQL option file.

See Also

https://workbench.cisecurity.org/files/1619