On Wed, Dec 19, 2018 at 11:14 AM Richard Hipp <d...@sqlite.org> wrote:
> > Could there be a way to make shadow tables off-limit to arbitrary SQL? > > That is one of the things that the new SQLITE_DBCONFIG_DEFENSIVE > option does - it makes shadow tables read-only so that they cannot be > corrupted by SQL. > May I please know how SQLite knows a table is a shadow table? This is not something I've run across yet. Good to know BTW, of course. Thanks. Not knowing how this is done/known, I wonder whether this applies to other "bits" of information about tables, notably "custom" ones from a given application. (answers seems to be no, given what's below). Ah, I googled SQLITE_DBCONFIG_DEFENSIVE and found the 3.26 release notes, which pointed me to [1] and then [2]. I had missed [2]. Sending anyway, might be useful to someone else too. [1] https://www.sqlite.org/draft/c3ref/c_dbconfig_defensive.html#sqlitedbconfigdefensive [2] https://www.sqlite.org/draft/vtab.html#xshadowname > However, it is off by default, since some application make use of the > ability to write directly into shadow tables. For example, when you > restore a database using the output of the ".dump" command, that > requires writing directly into shadow tables. > Good point. Didn't think of that. Thanks again, --DD _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
