Re: sqlite secure delete
On Tue, Jul 24, 2012 at 08:20:55PM -0400, Ted Unangst wrote: I think this option should be available. Index: Makefile === RCS file: /cvs/src/lib/libsqlite3/Makefile,v retrieving revision 1.8 diff -u -p -r1.8 Makefile --- Makefile 22 Jun 2012 17:52:34 - 1.8 +++ Makefile 24 Jul 2012 11:42:51 - @@ -40,6 +40,7 @@ SRCS += pthread_stub.c FEATURE_FLAGS = -DSQLITE_ENABLE_COLUMN_METADATA \ -DSQLITE_ENABLE_RTREE \ -DSQLITE_ENABLE_UNLOCK_NOTIFY \ + -DSQLITE_SECURE_DELETE \ -DSQLITE_ENABLE_FTS3 CPPFLAGS += $(FEATURE_FLAGS) -DSQLITE_THREADSAFE=1 \ Note sure it's a good idea, since it's a non-negligible performance loss for all sqlite users if you change it to default to true. For example all mozilla ports want it, and instead of trying to push it into the lib i've resorted to use 'PRAGMA secure_delete = ON' in the client code to selectively turn it no. See mozilla-firefox/patches/patch-storage_src_mozStorageConnection_cpp and https://bugzilla.mozilla.org/show_bug.cgi?id=546162 Landry
Re: sqlite secure delete
On Tue, Jul 24, 2012 at 08:20:55PM -0400, Ted Unangst wrote: I think this option should be available. Index: Makefile === RCS file: /cvs/src/lib/libsqlite3/Makefile,v retrieving revision 1.8 diff -u -p -r1.8 Makefile --- Makefile 22 Jun 2012 17:52:34 - 1.8 +++ Makefile 24 Jul 2012 11:42:51 - @@ -40,6 +40,7 @@ SRCS += pthread_stub.c FEATURE_FLAGS = -DSQLITE_ENABLE_COLUMN_METADATA \ -DSQLITE_ENABLE_RTREE \ -DSQLITE_ENABLE_UNLOCK_NOTIFY \ + -DSQLITE_SECURE_DELETE \ -DSQLITE_ENABLE_FTS3 CPPFLAGS += $(FEATURE_FLAGS) -DSQLITE_THREADSAFE=1 \ It is available. You can use a pragma to activate it. Turning it on by default everytime is a serious performance loss.
Re: sqlite secure delete
On Wed, Jul 25, 2012 at 09:34, Landry Breuil wrote: On Tue, Jul 24, 2012 at 08:20:55PM -0400, Ted Unangst wrote: I think this option should be available. Note sure it's a good idea, since it's a non-negligible performance loss for all sqlite users if you change it to default to true. For example all mozilla ports want it, and instead of trying to push it into the lib i've resorted to use 'PRAGMA secure_delete = ON' in the client code to oops, my mistake, I thought the pragma was only available if the option was defined. Option changes the default, so never mind.