The situation is this: the database contains particularly sensitive information, the disclosure of which is highly undesirable. The employee (administrator) who takes the dump is a trusted person. However, there is a need to improve the security of the system so that the administrator can take a dump but cannot view the database. Is this possible and, if so, how? The database is either MySQL or PostgreSQL.

1 answer

Neither MySQL nor PostgreSQL has a built-in mechanism for taking encrypted dumps. Therefore, we can suggest the following approach: create a script that takes a dump and encrypts it, for example, for PostgreSQL:

    pg_dumpall > database
    gzip database
    encrypt database.gz
    mv database.gz.enc target

At the same time, restrict the user's rights to only running the script and viewing the target folder. But in general, the reliability and security of such an approach in reality are questionable.
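The dump, compress, encrypt, move sequence from the answer as a runnable script; this is an added example, not part of the original answer. It assumes `openssl` for the encryption step (the answer names no tool), and the function name `encrypted_dump` and all paths are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original answer.
# Assumptions: openssl is installed; the backup host stores only the
# recipient's X.509 certificate (public key); the private key is kept elsewhere.

# Usage: encrypted_dump CERT_PEM OUTFILE [DUMP_COMMAND [ARGS...]]
encrypted_dump() {
    cert=$1
    out=$2
    shift 2
    # Default to pg_dumpall; a different dump command can be passed instead.
    [ "$#" -gt 0 ] || set -- pg_dumpall
    tmp="$out.part"
    status="$out.status"
    old_umask=$(umask)
    umask 077    # output readable by the owner only

    # Stream dump -> gzip -> encryption; no plaintext file is created.
    # The dump's exit status is saved to a file because a POSIX pipeline
    # reports only the status of its last command.
    enc_rc=0
    { rc=0; "$@" || rc=$?; echo "$rc" >"$status"; } |
        gzip -c |
        openssl smime -encrypt -binary -aes-256-cbc -stream \
            -outform DER -out "$tmp" "$cert" || enc_rc=$?
    dump_rc=$(cat "$status" 2>/dev/null || echo 1)
    rm -f "$status"
    umask "$old_umask"

    # Publish only a complete archive: a failed dump must not be kept as a
    # valid-looking (but empty or truncated) encrypted backup.
    if [ "$dump_rc" -ne 0 ] || [ "$enc_rc" -ne 0 ]; then
        rm -f "$tmp"
        return 1
    fi
    mv "$tmp" "$out"
}

# Example invocation (paths are placeholders):
#   encrypted_dump /etc/backup/recipient-cert.pem /backup/target/database.gz.enc
```

The holder of the private key restores with `openssl smime -decrypt -binary -inform DER -inkey key.pem -in database.gz.enc | gzip -dc`. The account that runs the script still needs read access to the database for `pg_dumpall`, so the rights restriction the answer describes still has to be enforced separately.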