View Issue Details

IDProjectCategoryView StatusLast Update
0016235CentOS-7mariadbpublic2019-07-02 11:19
Status newResolutionopen 
Product Version7.4.1708 
Target VersionFixed in Version 
Summary0016235: Datadir / mysql homedir permissions do not follow secure deployment guidelines
DescriptionBy default the datadir for installs of mariadb-server (or mysql-server for centos6) is set to /var/lib/mysql. It has '755' set as the permissions for this directory. This is contrary to the MySQL secure deployment guide which states the data directory should not have world read/execute permissions.
Steps To Reproduceyum install mariadb-server
Additional InformationVerified this is the default behavior for CentOS 6 & 7. Have not tested on 8 yet.
TagsNo tags attached.




2019-07-02 10:43

manager   ~0034760

CentOS is a rebuild of the sources used to create RHEL. We do not modify anything except to remove branding and logos. You will need to submit your request to Redhat via and if/when RH accepts it and incorporates it into RHEL and releases a patched version, then CentOS will pick it up and rebuild it.


2019-07-02 11:19

reporter   ~0034761

Reported to redhat.

Issue History

Date Modified Username Field Change
2019-07-02 09:54 rmense New Issue
2019-07-02 10:43 TrevorH Note Added: 0034760
2019-07-02 11:19 rmense Note Added: 0034761