Details

Limiting the accessibility of these objects will protect the confidentiality, integrity, and availability of the MySQL logs.

Solution

Execute the following command for each log file location requiring corrected permissions and ownership: chmod 660 chown mysql:mysql Impact: Changing the permissions of the log files might impact monitoring tools which use a logfile adapter. If the permissions on the relay logs are accidentally changed to exclude the user account which is used to run the MySQL service then this might break replication.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1619

This control applies to the following type of system Unix.

Source

• Tenable.com/audits