MySQL Forums
Forum List  »  Security

Communication between unix sockets
Posted by: Tim Förster
Date: August 09, 2013 01:41AM

Hi,

there is a little question. Firstly i want to improve my own security and need to know, how mysql and php-fastcgi communicate important data. Like passwords or cipher keys from the mysql encrytion.

I have traced all read and write messages between the unix sockets by using "strace" like this:

strace -e trace=read,write -e read=0u,12u -e write=0u,12u -p 7624 -s 999999 -e verbose=all

then i have only executed a simple "mysql_connect" from a php script.

There is the complete log:


read(3, "\1\1\0\1\0\10\0\0", 8) = 8
read(3, "\0\1\0\0\0\0\0\0", 8) = 8
read(3, "\1\4\0\1\1\355\3\0", 8) = 8
read(3, "\f\0QUERY_STRING\16\3REQUEST_METHODGET\f\0CONTENT_TYPE\16\0CONTENT_LENGTH\17\37SCRIPT_FILENAME/home/timmy/webserver/index.php\v\nSCRIPT_NAME/index.php\v\1REQUEST_URI/\f\nDOCUMENT_URI/index.php\r\25DOCUMENT_ROOT/home/timmy/webserver\17\10SERVER_PROTOCOLHTTP/1.1\21\7GATEWAY_INTERFACECGI/1.1\17\vSERVER_SOFTWAREnginx/1.2.1\v\vREMOTE_ADDR78.47.60.99\v\5REMOTE_PORT41650\v\vSERVER_ADDR78.47.60.99\v\2SERVER_PORT80\v\17SERVER_NAMEfoerster-tim.de\5\0HTTPS\17\3REDIRECT_STATUS200\17\vHTTP_USER_AGENTcurl/7.26.0\t\17HTTP_HOSTfoerster-tim.de\v\3HTTP_ACCEPT*/*\0\0\0", 496) = 496
read(3, "\1\4\0\1\0\0\0\0", 8) = 8
read(4, "T\0\0\0\n5.5.31-0+wheezy1\0B\0\0\0rLc-VHHp\0\377\367\10\2\0\17\200\25\0\0\0\0\0\0\0\0\0\0{<SpXH>@dYoC\0mysql_native_password\0", 16384) = 88
write(4, "P\0\0\1\5\242\16\0\0\0\0@\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0root\0\24\23F|\227\263_\253{<\226\373E\233q1D\337\372\313\332mysql_native_password\0", 84) = 84
read(4, "\7\0\0\2\0\0\0\2\0\0\0", 16384) = 11
write(4, "\1\0\0\0\1", 5) = 5
write(3, "\1\6\0\1\0T\4\0X-Powered-By: PHP/5.4.4-14+deb7u3\r\nContent-type: text/html\r\n\r\nConnected successfully\0\0\0\0\1\3\0\1\0\10\0\0\0\0\0\0\0k r", 112) = 112

Could you please tell my communicating they important data and what is "mysql_native_password" ?


best regards

Options: ReplyQuote


Subject
Views
Written By
Posted
Communication between unix sockets
3544
August 09, 2013 01:41AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.