View Issue Details

IDProjectCategoryView StatusLast Update
0016235CentOS-7mariadbpublic2019-07-02 11:19
Reporterrmense 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version7.4.1708 
Target VersionFixed in Version 
Summary0016235: Datadir / mysql homedir permissions do not follow secure deployment guidelines
DescriptionBy default the datadir for installs of mariadb-server (or mysql-server for centos6) is set to /var/lib/mysql. It has '755' set as the permissions for this directory. This is contrary to the MySQL secure deployment guide https://dev.mysql.com/doc/mysql-secure-deployment-guide/8.0/en/secure-deployment-permissions.html which states the data directory should not have world read/execute permissions.
Steps To Reproduceyum install mariadb-server
Additional InformationVerified this is the default behavior for CentOS 6 & 7. Have not tested on 8 yet.
TagsNo tags attached.
abrt_hash
URL

Activities

TrevorH

TrevorH

2019-07-02 10:43

manager   ~0034760

CentOS is a rebuild of the sources used to create RHEL. We do not modify anything except to remove branding and logos. You will need to submit your request to Redhat via bugzilla.redhat.com and if/when RH accepts it and incorporates it into RHEL and releases a patched version, then CentOS will pick it up and rebuild it.
rmense

rmense

2019-07-02 11:19

reporter   ~0034761

Reported to redhat.
https://bugzilla.redhat.com/show_bug.cgi?id=1726226

Issue History

Date Modified Username Field Change
2019-07-02 09:54 rmense New Issue
2019-07-02 10:43 TrevorH Note Added: 0034760
2019-07-02 11:19 rmense Note Added: 0034761