Details
This option prevents attaching arbitrary shared library functions as user-defined functions by checking for at least one corresponding method named _init, _deinit, _reset, _clear, or _add.
Rationale:
Preventing shared libraries that do not contain user-defined functions from loading will reduce the attack surface of the server.
Solution
Perform the following to establish the recommended state:
Remove –allow-suspicious-udfs from the mysqld start up command line.
Remove allow-suspicious-udfs from the MySQL option file.
Default Value:
OFF
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.