On 9/7/2017 1:16 PM, Jens Alfke wrote:
On Sep 7, 2017, at 10:06 AM, Simon Slavin <slav...@bigfraud.org> wrote:
In that case any solution implemented entirely within SQLite is insecure
because the admins can simply replace the entire file. Or use a hex editor to
replace the checksum values. In cases like this the security the OP is asking
for has to be built in at the OS level.
No, there are plenty of high level ways of tamper-proofing files. See my
(For example, Apple and Google use digital signatures to tamper-proof
applications distributed through their app stores. Any modification to the app
binary invalidates the signature, and the device will refuse to install or
"Device will refuse to install" is precisely an instance of "security built in at
the OS level".
sqlite-users mailing list