26 Mar
2019
26 Mar
'19
5:03 a.m.
Hi,
The rationale is that the system administrator can do anything on the server (including manual edits to the DB files) anyway; thus, every user already implicitly trusts that user with their data.
The user that is the manager of the server(root in Linux) is not the owner of the data. So imho we should go exactly the opposite direction, trying to make more complicated, not easier, to just do anything that's not strictly managing the server. Yes he can tamper files but one thing is doing that and another is that any 'root' can read sensitive data, consider also MariaDB supports data at rest encryption with third party external key management system. Best Regards Claudio