On Monday 19 June 2006 19:09, knitti wrote: > protocol attacks on the application which talks to mysql?
Uhm, and using a domain socket is different how? > if you use some php stuff (any php sutff ;) and talk to mysql, you can > manipulate the db by sql injection. And? This has nothing to do with what kind of socket is used. SQL injection problems doesn't magically go away if you use a domain socket. > if _then_ mysql has e.g. a hole > which allows it to be manipulated or broken out into a shell, a chroot > would help al lot ;) Uh, yes. it's in a chroot so you'll talk to it using tcp to localhost. I'm still not clear on exactly why a domain socket is more secure than a localhost tcp socket. Faster? Sure, but probably not by an amount that matters. More secure? I really don't see how in this case. --- Lars Hansson
