MySQL: is column data safely deleted from hard drive on update/delete?

Question

Suppose I have one table called 'privacy':

privacy (id INT PRIMARY KEY, data BINARY(512))

Suppose I insert one row in such table:

INSERT INTO privacy(1, 'CIPHERTEXT')

with CIPHERTEXT the pseudo random bytes result of an AES encryption of certain plaintext.

My concern comes when UPDATING the data column or DELETING such row: Indeed, for privacy reasons, I don't want that someone who access my server retreive erased data values.

Does MySQL really delete the previous data from the hard drive when UPDATE/DELETE commands are sent ? Must we UPDATE the row with random data before DELETE command execution ?

Note: my server use an SSD hard drive with TRIM enabled and tables engines are InnoDB.

Thanks.

Answer 1

When InnoDB updates a record there are two paths possible:

1. if new record size is the same (which the case for your table btw) then the new record is written at the same position as the old one. I.e. the new record overwrites the old one.
2. If record size is different then the new record is added to the end of used data and the old record is marked as deleted. Take into account the old record in both cases is copied to rollback segment. See however Marc B's comment - there is no guarantee the new record is written at the same physical position on disk.

When InnoDB deletes a record, it's not deleted actually - the record is marked as free. The deleted record may stay in a page for a while until B+ tree is rebalanced (read - a lot of records are inserted or deleted).

Having said that your old record is recoverable with high chance of success no matter what you do.