Communication between unix sockets
Hi,
there is a little question. Firstly i want to improve my own security and need to know, how mysql and php-fastcgi communicate important data. Like passwords or cipher keys from the mysql encrytion.
I have traced all read and write messages between the unix sockets by using "strace" like this:
strace -e trace=read,write -e read=0u,12u -e write=0u,12u -p 7624 -s 999999 -e verbose=all
then i have only executed a simple "mysql_connect" from a php script.
There is the complete log:
read(3, "\1\1\0\1\0\10\0\0", 8) = 8
read(3, "\0\1\0\0\0\0\0\0", 8) = 8
read(3, "\1\4\0\1\1\355\3\0", 8) = 8
read(3, "\f\0QUERY_STRING\16\3REQUEST_METHODGET\f\0CONTENT_TYPE\16\0CONTENT_LENGTH\17\37SCRIPT_FILENAME/home/timmy/webserver/index.php\v\nSCRIPT_NAME/index.php\v\1REQUEST_URI/\f\nDOCUMENT_URI/index.php\r\25DOCUMENT_ROOT/home/timmy/webserver\17\10SERVER_PROTOCOLHTTP/1.1\21\7GATEWAY_INTERFACECGI/1.1\17\vSERVER_SOFTWAREnginx/1.2.1\v\vREMOTE_ADDR78.47.60.99\v\5REMOTE_PORT41650\v\vSERVER_ADDR78.47.60.99\v\2SERVER_PORT80\v\17SERVER_NAMEfoerster-tim.de\5\0HTTPS\17\3REDIRECT_STATUS200\17\vHTTP_USER_AGENTcurl/7.26.0\t\17HTTP_HOSTfoerster-tim.de\v\3HTTP_ACCEPT*/*\0\0\0", 496) = 496
read(3, "\1\4\0\1\0\0\0\0", 8) = 8
read(4, "T\0\0\0\n5.5.31-0+wheezy1\0B\0\0\0rLc-VHHp\0\377\367\10\2\0\17\200\25\0\0\0\0\0\0\0\0\0\0{<SpXH>@dYoC\0mysql_native_password\0", 16384) = 88
write(4, "P\0\0\1\5\242\16\0\0\0\0@\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0root\0\24\23F|\227\263_\253{<\226\373E\233q1D\337\372\313\332mysql_native_password\0", 84) = 84
read(4, "\7\0\0\2\0\0\0\2\0\0\0", 16384) = 11
write(4, "\1\0\0\0\1", 5) = 5
write(3, "\1\6\0\1\0T\4\0X-Powered-By: PHP/5.4.4-14+deb7u3\r\nContent-type: text/html\r\n\r\nConnected successfully\0\0\0\0\1\3\0\1\0\10\0\0\0\0\0\0\0k r", 112) = 112
Could you please tell my communicating they important data and what is "mysql_native_password" ?
best regards