On 26/5/19 5:26 PM, Luuk wrote: > > On 26-5-2019 01:49, Markos wrote: >> Now I want that any user logged in the Linux be able to run the >> program reading_room.tcl, which will access the database (books.db) >> >> But I want to protect the file books.db so that only the the program >> reading_room.tcl can access the books.db file (to read or write). But >> that no user could delete or write to the file books.db (only the >> program reading_room.tcl) > If you have read, and used, this: > https://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt than > you should know the answer ;)
WARNING: The documentation seems to suggest that an SQLite library/shell compiled without SQLITE_USER_AUTHENTICATION still has full access to the DB. A quick build and test seems to confirm this: $ ./sqlite3_with_user_auth ~/tmp/test_userauth.db3 SQLite version 3.28.0 2019-04-16 19:49:53 Enter ".help" for usage hints. sqlite> .user help Usage: .user login|add|edit|delete ... sqlite> .user add aho testing yes sqlite> create table test(x int); sqlite> insert into test values (1); sqlite> select * from test; 1 sqlite> Now let's see if an SQLite shell that doesn't do user auth can muck with this DB: $ sqlite3 ~/tmp/test_userauth.db3 sqlite> .user help Error: unknown command or invalid arguments: "user". Enter ".help" for help sqlite> .schema CREATE TABLE sqlite_user( uname TEXT PRIMARY KEY, isAdmin BOOLEAN, pw BLOB ) WITHOUT ROWID; CREATE TABLE test(x int); sqlite> select * from sqlite_user; aho|1|$▒i����P}▒�m�� sqlite> select * from test; 1 sqlite> insert into test values (2); sqlite> select * from test; 1 2 Uh oh... > Otherwise set access permissions on the database (use: 'man chmod' > and/or 'man chown', to find out how to do that under Debian 9) To give *any* user access to the DB *only* via reading_room.tcl, as the OP requested, access permissions aren't sufficient by themselves. You'd also need to force all users to run reading_room.tcl as the DB's owner, i.e. something like "sudo". _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
