[MDEV-11273] Please expand on description for file_key_management_filekey Created: 2016-11-11 Updated: 2016-11-14 Resolved: 2016-11-14 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Documentation |
| Fix Version/s: | N/A |
| Type: | Task | Priority: | Major |
| Reporter: | Chris Calender (Inactive) | Assignee: | Ian Gilfillan |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Description |
|
Hello, This is just a minor documentation request to ask if we can expand slightly on our "file_key_management_filekey" definition. In the manual currently, it states: "file_key_management_filekey: An optional key to decrypt the key file. If the key starts with FILE: the rest of the value is interpreted as a path to the file that contains the key. " https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/ As-is, I think it can be easy overlook the whole "FILE:/path/to/filekey" as opposed to just setting the variable to the value you wish. However, if you are setting this variable in the first place, then you are more than likely going to want to set this to the FILE:/path/to/filekay so that the actual filekey cannot be read by anyone via a SHOW command. Consequently, that file would need the proper permissions so that mysql can read it, but not unauthorized users. I think this would be worth adding, somehow, to that definition. Thank you for your consideration. |
| Comments |
| Comment by Ian Gilfillan [ 2016-11-14 ] |
|
A note has been added to the docs |