Re: sqlite secure delete

2012-07-25 Thread Landry Breuil 
On Tue, Jul 24, 2012 at 08:20:55PM -0400, Ted Unangst wrote:
 I think this option should be available.
 
 Index: Makefile
 ===
 RCS file: /cvs/src/lib/libsqlite3/Makefile,v
 retrieving revision 1.8
 diff -u -p -r1.8 Makefile
 --- Makefile  22 Jun 2012 17:52:34 -  1.8
 +++ Makefile  24 Jul 2012 11:42:51 -
 @@ -40,6 +40,7 @@ SRCS += pthread_stub.c
  FEATURE_FLAGS =  -DSQLITE_ENABLE_COLUMN_METADATA \
   -DSQLITE_ENABLE_RTREE \
   -DSQLITE_ENABLE_UNLOCK_NOTIFY \
 + -DSQLITE_SECURE_DELETE \
   -DSQLITE_ENABLE_FTS3
  
  CPPFLAGS +=  $(FEATURE_FLAGS) -DSQLITE_THREADSAFE=1 \

Note sure it's a good idea, since it's a non-negligible performance loss
for all sqlite users if you change it to default to true. For example
all mozilla ports want it, and instead of trying to push it into the lib
i've resorted to use 'PRAGMA secure_delete = ON' in the client code to
selectively turn it no. See
mozilla-firefox/patches/patch-storage_src_mozStorageConnection_cpp and
https://bugzilla.mozilla.org/show_bug.cgi?id=546162

Landry

Re: sqlite secure delete

2012-07-25 Thread Marc Espie 
On Tue, Jul 24, 2012 at 08:20:55PM -0400, Ted Unangst wrote:
 I think this option should be available.
 
 Index: Makefile
 ===
 RCS file: /cvs/src/lib/libsqlite3/Makefile,v
 retrieving revision 1.8
 diff -u -p -r1.8 Makefile
 --- Makefile  22 Jun 2012 17:52:34 -  1.8
 +++ Makefile  24 Jul 2012 11:42:51 -
 @@ -40,6 +40,7 @@ SRCS += pthread_stub.c
  FEATURE_FLAGS =  -DSQLITE_ENABLE_COLUMN_METADATA \
   -DSQLITE_ENABLE_RTREE \
   -DSQLITE_ENABLE_UNLOCK_NOTIFY \
 + -DSQLITE_SECURE_DELETE \
   -DSQLITE_ENABLE_FTS3
  
  CPPFLAGS +=  $(FEATURE_FLAGS) -DSQLITE_THREADSAFE=1 \

It is available. You can use a pragma to activate it.

Turning it on by default everytime is a serious performance loss.

Re: sqlite secure delete

2012-07-25 Thread Ted Unangst 
On Wed, Jul 25, 2012 at 09:34, Landry Breuil wrote:
 On Tue, Jul 24, 2012 at 08:20:55PM -0400, Ted Unangst wrote:
 I think this option should be available.

 Note sure it's a good idea, since it's a non-negligible performance loss
 for all sqlite users if you change it to default to true. For example
 all mozilla ports want it, and instead of trying to push it into the lib
 i've resorted to use 'PRAGMA secure_delete = ON' in the client code to

oops, my mistake, I thought the pragma was only available if the
option was defined.  Option changes the default, so never mind.