[MDEV-9639] Galera Cluster files (galera.cache, others) and slow log/general log are not encrypted when encryption is enabled Created: 2016-02-26  Updated: 2024-01-14

Status: Open
Project: MariaDB Server
Component/s: Encryption
Fix Version/s: None

Type: New Feature Priority: Major
Reporter: Alexander Rubin Assignee: Unassigned
Resolution: Unresolved Votes: 5
Labels: None

Issue Links:
PartOf

 Description   

All data points of MariaDB 10.1.11 can be encrypted except:
Galera gcache + galera replication data (UPDATE -encrypted now)
Relay logs (UPDATE - encrypted now)
General log / slow query log

Please make those encryptable. Thank you!

 Comments   
Comment by Elena Stepanova [ 2016-02-26 ]

arubin,
Regarding relay logs, do you have encrypt-binlog in your cnf file?

Comment by Alexander Rubin [ 2016-02-27 ]

Elena Stepanova, I have upgraded to MariaDB 10.1.12 and relay logs are encrypted.
Other things in the list are not.

Comment by Elena Stepanova [ 2016-02-27 ]

Other things are not supposed to be encrypted, it has never been implemented or declared as such.

I'll convert it into a feature request, although I'm not sure that encryption of general log / slow query log is practical.
These logs are meant to be human-readable, there is no other use of them (unlike binary logs which are mainly used for replication). If you encrypt general/slow logs, they are useless, as nobody can read them, and if so, it's easier just not to enable them at the first place.
The only way they can be encrypted and still stay marginally useful is if at the same time we create a stand-alone tool to decrypt them; but then, it might be considered as a potential breach of security (one of reasons why mysqlbinlog still cannot read encrypted files).

Comment by Alexander Rubin [ 2016-02-29 ]

Elena,

Thank you very much for your comments! Make sense on Slow Query log / General Log. Is there any plans to implement encryption for Galera files?

Thanks!

Comment by Elena Stepanova [ 2016-02-29 ]

nirbhay_c, see the question above – any plans for encryption of Galera files?

Comment by Valerie Parham-Thompson [ 2016-03-07 ]

@Elena, I would like to see the slow log encrypted, too, but I see the issue as you described it.

What if you were to automatically encrypt the tables created when encryption is configured to be on, in the case these logs were written to table only (not file) as in https://mariadb.com/kb/en/mariadb/writing-logs-into-tables/ (I know this is not InnoDB though)?

[root@maria101 mysql]# less /var/lib/mysql/mysql/slow_log.CSV | grep insert
 
"2016-03-07 13:10:39.652739","root[root] @ localhost []","00:00:00.005131","00:00:00.000166",0,0,"",0,0,1,"insert into meetup.t2 values (9,9,'your','secret','999-99-9999')",4,1

Comment by Kolbe Kegel (Inactive) [ 2016-03-07 ]

I added a note about these limitations to https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/#limitations.

Comment by Nirbhay Choubey (Inactive) [ 2016-03-08 ]

Its indeed a better choice to enable encryption for CSV engine and switch to table based logs for encryption.
OTOH, encrypting log files would call for a new viewer tool capable of decrypting these files.

Comment by Kolbe Kegel (Inactive) [ 2016-03-08 ]

The Aria engine can be used for the log tables, and Aria tables can be encrypted. However, the Aria log is not currently encrypted, so Aria-based log tables ends up being not a very good solution.

Comment by Guillaume Lefranc [ 2016-06-07 ]

galera replication data can be encrypted using SSL:

http://galeracluster.com/documentation-webpages/ssl.html

Comment by Ceri Williams [ 2018-07-25 ]

The limitation description is deceptive:

File-based general query log and slow query log cannot be encrypted (MDEV-9639).

When using SET GLOBAL log_output = "TABLE" you would clearly consider this to no longer be FILE, despite the CSV engine writing files that are human readable.

Generated at Thu Feb 08 07:36:12 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.