InnoDB temporary tablespace encryption
Add new global dynamic variable `innodb_
When it is turned on, server starts to encrypt temporary tablespace and
temporary InnoDB file-per-table tablespaces. Option does not force
encryption of temp tables which are currently opened, it doesn't rebuild
system temporary tablespace to encrypt data which already written. Since
temp tablespace created fresh at each server startup, it will not
contain unencrypted data if this option specified as server argument.
Turning this option off at runtime makes server to create all subsequent
temporary file-per-table tablespaces unencrypted, but does not turn off
encryption of system temporary tablespace.
To use this option, keyring plugin must be loaded. If keyring plugin is
not available, server will give error message and refuse to create new
temp tables.
Blueprint information
- Status:
- Started
- Approver:
- None
- Priority:
- High
- Drafter:
- Sergei Glushchenko
- Direction:
- Approved
- Assignee:
- Sergei Glushchenko
- Definition:
- Approved
- Series goal:
- Accepted for 5.7
- Implementation:
-
Needs Code Review
- Milestone target:
- None
- Started by
- Laurynas Biveinis
- Completed by
