Details

MySQL can operate using a variety of log files, each used for different purposes. These are the binary log, error log, slow query log, relay log, and general log. Because these are files on the host operating system, they are subject to the permissions structure provided by the host and may be accessible by users other than the MySQL user.

NOTE : Nessus has not performed this query, and this check is only provided for informational purposes.

Solution

Modify permissions for the ‘slow_query_log’ log to not include inheritance, like the following:

administrators:
+ Apply To: ‘this folder, subfolders and files’
|- Inheritance: ‘not inherited’
|- Allow: ‘full control’

creator owner:
+ Apply To: ‘subfolders and files only’
|- Inheritance: ‘not inherited’
|- Allow: ‘full control’

mysql or NETWORK SERVICE:
+ Apply To: ‘this folder, subfolders and files’
|- Inheritance: ‘not inherited’
|- Allow: ‘full control’

system:
+ Apply To: ‘this folder, subfolders and files’
|- Inheritance: ‘not inherited’
|- Allow: ‘full control’

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1617

This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability, Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|AU-9(4)
• 800-53|CM-6b.
• CSCv6|3.1

Source

• Tenable.com/audits