New submission from Erlend Egeberg Aasland <erlend.aasl...@innova.no>:
If Python is configured with --enable-loadable-sqlite-extensions, it is possible to load third party SQLite extensions (shared libraries/DLL’s) via the sqlite3 extension module. When enabled, the sqlite3.Connection.enable_load_extension() class method will enable the loading of third party extensions via SQL queries, using the SQL function load_extension(). It also enables loading extension via C, using the sqlite3.Connection.load_extension() class method. Suggesting to add the following audit event names to respectively the sqlite3.Connection.enable_load_extension() and sqlite3.Connection.load_extension() methods: - sqlite3.enable_load_extension - sqlite3.load_extension Ref. - https://discuss.python.org/t/should-we-audit-enabling-loading-of-sqlite3-extensions-shared-libraries/8124 - https://www.sqlite.org/loadext.html - https://docs.python.org/3/library/sqlite3.html#sqlite3.Connection.enable_load_extension ---------- components: Library (Lib) messages: 390414 nosy: berker.peksag, christian.heimes, erlendaasland priority: normal severity: normal status: open title: Add audit events for loading of sqlite3 extensions type: security versions: Python 3.10 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue43762> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
