MySQL Instance With Local Infile On

  • Query id: c759d6f2-4dd3-4160-82d3-89202ef10d87
  • Query name: MySQL Instance With Local Infile On
  • Platform: GoogleDeploymentManager
  • Severity: High
  • Category: Insecure Configurations
  • URL: Github

Description

MySQL Instance should not have Local Infile On
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
resources:
  - name: db-instance
    type: sqladmin.v1beta4.instance
    properties:
      databaseVersion: MYSQL_5_7
      settings:
        databaseFlags:
          - name: local_infile
            value: on

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
resources:
  - name: db-instance
    type: sqladmin.v1beta4.instance
    properties:
      databaseVersion: MYSQL_5_7
      settings:
        databaseFlags:
          - name: local_infile
            value: off
Negative test num. 2 - yaml file
resources:
  - name: db-instance
    type: sqladmin.v1beta4.instance
    properties:
      databaseVersion: MYSQL_5_7
      settings:
        databaseFlags:
          - name: log_queries_not_using_indexes
            value: on