> On Mar 26, 2019, at 12:03 AM, Claudio Nanni <[email protected]> wrote: > > Hi, > > The rationale is that the system administrator can do anything on the > server (including manual edits to the DB files) anyway; thus, every user > already implicitly trusts that user with their data. > > The user that is the manager of the server(root in Linux) is not the owner of > the data. > So imho we should go exactly the opposite direction, trying to make more > complicated, not easier, to just do anything that's not strictly managing the > server. > Yes he can tamper files but one thing is doing that and another is that any > 'root' can read sensitive data, consider also MariaDB supports data at rest > encryption with third party external key management system.
MariaDB already ships a “unix_socket” authn plugin by default. All the admin has to do in order to gain access to a user’s data is to enable that plugin for the user, drop privileges, then log in. Arguably, this is just a default-configuration change that I’m suggesting: configure root@localhost to use unix_socket authn by default (on Linux). -FG _______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : [email protected] Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp
