maria-discuss team mailing list archive
-
maria-discuss team
-
Mailing list archive
-
Message #05388
Re: Why does local root need a password?
Hi,
>
> The rationale is that the system administrator can do anything on
> the server (including manual edits to the DB files) anyway; thus, every
> user already implicitly trusts that user with their data.
>
The user that is the manager of the server(root in Linux) is not the owner
of the data.
So imho we should go exactly the opposite direction, trying to make more
complicated, not easier, to just do anything that's not strictly managing
the server.
Yes he can tamper files but one thing is doing that and another is that any
'root' can read sensitive data, consider also MariaDB supports data at rest
encryption with third party external key management system.
Best Regards
Claudio
>
Follow ups
References