MongoDB must prevent unauthorized and unintended information transfer via shared system resources.

An XCCDF Rule

Description

The purpose of this control is to prevent information, including encrypted representations of information, produced by the actions of a prior user/role (or the actions of a process acting on behalf of a prior user/role) from being available to any current user/role (or current process) that obtains access to a shared system resource (e.g., registers, main memory, secondary storage) after the resource has been released back to the information system. Control of information in shared resources is also referred to as object reuse. Satisfies: SRG-APP-000243-DB-000373, SRG-APP-000243-DB-000374

ID: SV-221180r879649_rule
Version: MD3X-00-000470
Severity: Medium
References: CCI-001090
Updated: 26 days ago

Remediation Templates

Correct the permission to the files and/or directories that are in violation.

MongoDB Configuration file (default location): 
chown mongod:mongod /etc/mongod.conf
chmod 755 /etc/mongod.conf
MongoDB data file directory (default location): 
chown -R mongod:mongod/var/lib/mongo
chmod -R 755/var/lib/mongo

MongoDB must prevent unauthorized and unintended information transfer via shared system resources.

Description

Remediation Templates

A Manual Procedure