I try to reboot my database servers reasonably regularly as part of a
patching cycle, for example after applying kernel updates. Service
uptime, not server uptime :)
If they've got root on the system, they can presumably just restart
MySQL with skip-grant-tables and have direct access to the database and
unencrypted data? Unless MySQL suddenly gains an extra step in
restarting that requires entering the private key or whatever it is it's
using. I've downloaded the docs; will grab a read through tonight
sometime probably and see what kind of a beast we're really dealing with.
Paul
On 8/24/2011 5:48 PM, Singer X.J. Wang wrote:
How often do you reboot your database servers?
It also protects if someone hacks into the system and gets root or the
server is physically stolen.
On Wed, Aug 24, 2011 at 23:44, <da...@lang.hm> wrote:
it only protects against the machine being stolen if the
decryption key is not also stored on the machine. This would mean
that there needs to be a manual step (either to enter the key or
to unlock the key) every time the machine boots. Since nobody does
that (everyone wants the machine to boot up without requiring a
sysadmin login to it) it's snake oil in that case as well.
the only time this actually works is if you have the drives remote
from the system that's using them (in a SAN for example), in which
case it can protect you from the case where someone steals the
drives (or if you don't properly wipe the drives when you dispose
of them)
really, the only thing that this solves is the audit checkbox
labeled 'database encryption'
David Lang
On Wed, 24 Aug 2011, Singer X.J. Wang wrote:
Is it snake oil or is it not the solution for your problem? Just because it's not the solution to your problem does not mean it's snake oil, and from reading your problem, it is not the solution for you.

This is the solution for people who have a box at SoftLayer or RackSpace, or some VMs at Amazon EC2, or a rack at the colo facility themselves. It lets them ensure that if the box/server is compromised or stolen, there is no data leak.

Does it provide a valuable service? IMHO Yes. Is it what you need? No.
S
On Wed, Aug 24, 2011 at 20:38, Paul <p...@paulgraydon.co.uk> wrote:
The general manager is getting concerned about how we're encrypting data in our databases (all sensitive data is encrypted in the database, with tight access restrictions and so on), and asked me to look at further options, giving me the following url:
http://blog.gazzang.com/out-of-the-box-data-security-for-mysql/

It rather reads almost like snake-oil to me, or at least solving the problem at the wrong level. If it operates between storage engine and file system so it's transparent to clients connecting to it... surely all anyone needs to do is then connect to a suitable machine and just dump the MySQL data? Given the data is on servers inside a datacenter at a bank processing facility, and behind all their security, if someone has either gained root or physical access, I'm assuming the technology would be fairly moot.

Disturbingly the one review I see for it is over on a rackspace page where someone is glad it's stopping credit card details from being visible to root users on the machine... so presumably well done to him storing cc details in the database unencrypted.

I'm going to see if I can get a trial version and play a game of 'dodge the salesman', but I was wondering if anyone has any observations about it, or is using it and willing to share about it?
Paul
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System
Administrators
http://lopsa.org/
--
The best compliment you could give Pythian for our service is a referral.
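The thread's disagreement comes down to where the key lives. The toy model below makes the two deployments David Lang contrasts concrete: a data key wrapped under an operator passphrase that must be typed at boot, versus the "unattended reboot" setup where that passphrase sits in a config file next to the tablespace. It then runs the two attackers the thread talks about against both: someone holding only a disk image (stolen drives), and someone with root on the live host (Paul's skip-grant-tables case). This is an added example, not code from the thread, from Gazzang or from MySQL; the cipher is an HMAC-SHA256 counter-mode stream with an HMAC tag so it runs on the standard library alone and is only a stand-in for AES-GCM, the sample row is constructed, and file names such as "keyserver.conf" are invented for illustration.

```python
"""Toy model of transparent at-rest database encryption and of who can
recover the data.  Added example, not code from the thread or from the
product discussed.  The cipher is a stand-in built from hashlib/hmac so
it runs with the standard library only; it is not a substitute for
AES-GCM.  File names such as "keyserver.conf" are made up.
"""
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 100_000


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode as a keystream (toy stand-in for AES-CTR)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def encrypt(key: bytes, data: bytes) -> bytes:
    """Return nonce || ciphertext || HMAC tag (encrypt-then-MAC)."""
    nonce = secrets.token_bytes(16)
    body = _xor_stream(key, nonce, data)
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then strip the keystream.  Raises on a wrong key."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(expect, tag):
        raise ValueError("wrong key or tampered data")
    return _xor_stream(key, nonce, body)


def derive_kek(passphrase: bytes, salt: bytes) -> bytes:
    """Key-encryption key from the operator passphrase."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, PBKDF2_ITERATIONS)


def deploy(rows: bytes, passphrase: bytes, unattended_boot: bool):
    """Simulate one server.  Returns (disk, process): the files on disk and
    what the database process holds in RAM once the tablespace is unlocked."""
    data_key = secrets.token_bytes(32)
    salt = secrets.token_bytes(16)
    disk = {
        "ibdata1": encrypt(data_key, rows),
        "key.wrapped": salt + encrypt(derive_kek(passphrase, salt), data_key),
    }
    if unattended_boot:
        # Nobody wants to type a passphrase at every reboot, so the passphrase
        # ends up in a config file beside the data (hypothetical file name).
        disk["keyserver.conf"] = passphrase
    # After unlock the raw data key lives in the server process, however it got there.
    process = {"data_key": data_key}
    return disk, process


def attacker_with_disk_image(disk):
    """Stolen drives or a copied disk image: files only, no running process.
    Returns the plaintext rows, or None if the key cannot be unwrapped."""
    passphrase = disk.get("keyserver.conf")
    if passphrase is None:
        return None
    salt, wrapped = disk["key.wrapped"][:16], disk["key.wrapped"][16:]
    data_key = decrypt(derive_kek(passphrase, salt), wrapped)
    return decrypt(data_key, disk["ibdata1"])


def attacker_with_root(disk, process):
    """Root on the live host: the unlocked key is in the server's memory, and
    root could equally restart mysqld with --skip-grant-tables and dump the
    tables through the server itself.  Encryption below the storage engine
    does nothing here."""
    return decrypt(process["data_key"], disk["ibdata1"])


if __name__ == "__main__":
    rows = b"constructed sample row: card=4111111111111111 name=Test"
    manual_disk, manual_proc = deploy(rows, b"correct horse battery staple", False)
    auto_disk, auto_proc = deploy(rows, b"correct horse battery staple", True)
    print("disk image, manual unlock :", attacker_with_disk_image(manual_disk))
    print("disk image, unattended    :", attacker_with_disk_image(auto_disk))
    print("root on live host, manual :", attacker_with_root(manual_disk, manual_proc))
```

Running it prints None for the first line and the plaintext row for the other two: the manual-unlock deployment survives a stolen disk and nothing else, and the unattended one survives neither. The model is deliberately generous to the product; it does not even try the offline guessing attack on a weak passphrase in "key.wrapped".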