Ensure appropriate database file permissions are set.

Details

MongoDB database files need to be protected using file permissions.

Rationale:

This will restrict unauthorized users from accessing the database.

Solution

Set ownership of the database file to mongodb user and remove other permissions using the following commands:

chmod 770 /var/lib/mongodb
chown mongodb:mongodb /var/lib/mongodb

Default Value:

Not configured

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/3463

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

800-53|AC-3
CSCv7|14.6

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles