Best practices

Mysql instance with ‘local_infile’ enabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

The local_infile flag controls the server-side LOCAL capability for LOAD DATA statements. Depending on the local_infile setting, the server refuses or permits local data loading by clients that have LOCAL enabled on the client side.
  • Recommended Mitigation

    Add the following database flag: 'local_infile=off'