STIGQter: STIG Summary: Oracle MySQL 8.0 Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021: STIGQter: STIG Summary: Oracle MySQL 8.0 Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:SV-235165r638812_rule
V-235165
SRG-APP-000133-DB-000199
MYS8-00-008500
CAT II
10
Install all applications on directories separate from the DBMS software library directory. Relocate any directories or reinstall other application software that currently shares the DBMS software library directory.
If it is determined that configuration (options files) are inappropriately located, take the steps to move and protect these files and reconfigure mysqld startup commands to point to new the file location by setting the "--defaults-file" to point to the new location and filename for the mysql configuration file.
Review the MySQL Database Server 8.0 software library directory and note other root directories located on the same disk directory or any subdirectories.
To list directory variables run:
show variables where variable_name like '%dir%';
If any non-MySQL Database Server 8.0 software directories exist on the datadir, basedir, or other non tmpdir directories, examine or investigate their use.
If any of the directories are used by other applications, including third-party applications that use the MySQL Database Server 8.0, this is a finding.
Only applications that are required for the functioning and administration, not use, of the MySQL Database Server 8.0 should be located in the same disk directory as the DBMS software libraries.
If other applications are located in the same directory as the DBMS, this is a finding.
To determine where the mysql configuration file(s) are being stored and which configuration file(s) was used for which variables, run the following command:
SELECT t1.*, VARIABLE_VALUE
FROM performance_schema.variables_info t1
JOIN performance_schema.global_variables t2
ON t2.VARIABLE_NAME=t1.VARIABLE_NAME where length(t1.variable_path) > 0;
If result of VARIABLE_PATH shows that configuration values are not stored in files dedicated directories separate from the host os or other applications, this is a finding.
V-235165
False
MYS8-00-008500
Review the MySQL Database Server 8.0 software library directory and note other root directories located on the same disk directory or any subdirectories.
To list directory variables run:
show variables where variable_name like '%dir%';
If any non-MySQL Database Server 8.0 software directories exist on the datadir, basedir, or other non tmpdir directories, examine or investigate their use.
If any of the directories are used by other applications, including third-party applications that use the MySQL Database Server 8.0, this is a finding.
Only applications that are required for the functioning and administration, not use, of the MySQL Database Server 8.0 should be located in the same disk directory as the DBMS software libraries.
If other applications are located in the same directory as the DBMS, this is a finding.
To determine where the mysql configuration file(s) are being stored and which configuration file(s) was used for which variables, run the following command:
SELECT t1.*, VARIABLE_VALUE
FROM performance_schema.variables_info t1
JOIN performance_schema.global_variables t2
ON t2.VARIABLE_NAME=t1.VARIABLE_NAME where length(t1.variable_path) > 0;
If result of VARIABLE_PATH shows that configuration values are not stored in files dedicated directories separate from the host os or other applications, this is a finding.
M
5277