I am exploring options for distributing a MySQL/MariaDB database with my app. I want to ensure users (even the root user) cannot view or manipulate data in my database/tables. Recent releases of MySQL and MariaDB have data-at-rest capabilities:
MariaDB
https://mariadb.com/kb/en/mariadb/why-encrypt-mariadb-data/
MySQL 5.7.11 comes with InnoDB tablespace encryption
https://dev.mysql.com/doc/refman/5.7/en/innodb-tablespace-encryption.html
But what is not clear to me is: Can the MySQL root user reset the encryption password on my database/tables to view or manipulate the contents?
Go to Source
Author: TSG