Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-8775

enabling encryption is too error-prone

        Details

        • Type: Bug
        • Status: Closed
        • Priority: Major
        • Resolution: Fixed
        • Affects Version/s: 10.1.7
        • Fix Version/s: 10.1.8
        • Component/s: Encryption
        • Labels:
          None

          Description

          There are many *-encrypt- options and they *all have to be enabled to prevent data leaks.

          A possible solution could be a “meta-option” --encryption that would enable or disable all other encryption-related options.

            Gliffy Diagrams

              Attachments

                Activity

                Hide
                Permalink
                serg Sergei Golubchik added a comment -

                A much simpler solution is to provide a "preset" file, lilke

                /etc/my.cnf.d/enable_encryption.preset
                [mariadb]
aria-encrypt-tables
encrypt-binlog
encrypt-tmp-disk-tables
encrypt-tmp-files
loose-innodb-encrypt-log
loose-innodb-encrypt-tables

                and let the user !include it into his my.cnf as needed.

                Show
                serg Sergei Golubchik added a comment - A much simpler solution is to provide a "preset" file, lilke /etc/my.cnf.d/enable_encryption.preset [mariadb] aria-encrypt-tables encrypt-binlog encrypt-tmp-disk-tables encrypt-tmp-files loose-innodb-encrypt-log loose-innodb-encrypt-tables and let the user !include it into his my.cnf as needed.

                  People

                  • Assignee:
                    serg Sergei Golubchik
                    Reporter:
                    serg Sergei Golubchik
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    1 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: