On 24 Oct 2016, at 9:58am, Max Vlasov <max.vla...@gmail.com> wrote: > in an application that implements encryption/decryption with VFS, what > is the best way to ensure that the memory of the application doesn't > contain decrypted data after the database is closed.
We can't answer about memory that your own application handles, of course. To ensure zeroing out of memory I suggest you use the zero-malloc option as provided by SQLite's memory allocator. For more details on them see sections 3.1.4 and 3.1.5 of <https://www.sqlite.org/malloc.html> It's also worth noting here that SQLite has the following PRAGMA: PRAGMA schema.secure_delete = boolean which zeros space in files. However I don't remember this working by zeroing out the memory copy of the file then writing that block to disk. Simon. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
