Details

Limiting the accessibility of these objects will protect the confidentiality, integrity, and availability of the MySQL logs.

Solution

Execute the following commands for the audit_log_file discovered in the audit procedure: chmod 660 chown mysql:mysql Impact: Changing the permissions and ownership of the audit log file may have impact on who can access and edit the the audit log. Such changes can affect monitoring tools which maybe using a logfile adapter or scripted alternatives. Also the audit log may be used by alerting by infrastructure teams which can affect real-time audit capability.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1619

This control applies to the following type of system Unix.

Source

• Tenable.com/audits