Details

As with any service installed on a host, it can be provided with its own user context. Providing a dedicated user to the service provides the ability to precisely constrain the service within the larger host context.

Solution

Create a user which is only used for running MySQL and directly related processes. This user must not have administrative rights to the system.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1617

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-6

Source

• Tenable.com/audits