Details
-
Question
-
Resolution: Done
-
Major - P3
-
None
-
None
-
None
-
None
Description
We are running a security scan on Mongo DB server using the guidelines provided by CIS organization. Following link gives the rules that are recommended by CIS and should be adhered to for considering a Mongo DB installation compliant.
http://www.itsecure.hu/library/image/CIS_MongoDB_3.4_Benchmark_v1.0.0.pdf
Referring to point number 7.2 Ensure that database file permissions are set correctly (Scored), the permission required on the data directory should be set to 660. When we set the data directory to this permission, the server fails to start with a "Permission denied" error.
Could you please provide reference documentation which specifies the minimum required permissions for the mongo user on the data directory for smooth running of MongoDB Server?