Hi,
That's what i thought... but it makes no sense to me... it should be a way
to store data safely using MySQL encryption functions...
In the meantime... what are you using for encryption?
FBR
"Matt W" <[EMAIL PROTECTED]>
22/02/2004 08:24 p.m.
To
<[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
cc
Subject
Re: Encryption Issue
Hi,
----- Original Message -----
From: <[EMAIL PROTECTED]>
Sent: Sunday, February 22, 2004 3:18 PM
Subject: Re: Encryption Issue
> According to documentation there is a "query log" wich logs
established
> connections and executed queries, also there is the "binary log" wich
> stores all statements that changes something (Used for
replication)....
>
> So... if i do something like
>
> update myTable set field1=AES_ENCRYPT('information', 'key')
>
> Any one who looks into the log file will be able to see the query, the
> information and the key, and all my information would be
compromised... am
> i wrong?
You're absolutely right. :-) Query contents can be seen in logs.
That's why I do any encryption in the client code and only use the
finished result in queries. Not sure how possible it is if you want to
use AES encrytion, though.
Matt
