STIGQter: STIG Summary: MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 24 Jul 2020:SV-96565r1_rule
V-81851
SRG-APP-000121-DB-000202
MD3X-00-000220
CAT II
10
Run these commands:
"chown mongod <MongoDB configuration file>"
"chgrp mongod <MongoDB configuration file>"
"chmod 700 <<MongoDB configuration file>"
(The name and location for the MongoDB configuration file will vary according to local circumstances. The default name and location is '/etc/mongod.conf'.)
Using the default name and location the commands would be:
> chown mongod /etc/mongod.conf
> chgrp mongod /etc/mongod.conf
> chmod 700 /etc/mongod.conf
Verify User ownership, Group ownership, and permissions on the “<MongoDB configuration file>":
(default name and location is '/etc/mongod.conf')
(The name and location for the MongoDB configuration file will vary according to local circumstances.)
Using the default name and location the command would be:
> ls –ald /etc/mongod.conf
If the User owner is not "mongod", this is a finding.
If the Group owner is not "mongod", this is a finding.
If the filename is more permissive than "700", this is a finding.
V-81851
False
MD3X-00-000220
Verify User ownership, Group ownership, and permissions on the “<MongoDB configuration file>":
(default name and location is '/etc/mongod.conf')
(The name and location for the MongoDB configuration file will vary according to local circumstances.)
Using the default name and location the command would be:
> ls –ald /etc/mongod.conf
If the User owner is not "mongod", this is a finding.
If the Group owner is not "mongod", this is a finding.
If the filename is more permissive than "700", this is a finding.
M
3265