On 8/27/19, Jens Alfke <j...@mooseyard.com> wrote:
> is [SQLite] engineered with the
> assumption that a database file may be malicious, or is the assumption
> "garbage in, garbage out"?

https://www.sqlite.org/security.html
https://www.sqlite.org/testing.html

Our intent is that SQLite database files are secure in the sense that
reading a maliciously corrupted database file is harmless.  I spend
most of my time testing for this sort of thing, and dreaming up new
defenses against yet undiscovered attacks.

Research out of the University of Buffalo shows that every Android
phone has about 200 SQLite database files and about 14% of those are
used for transfer purposes only.  In other words, content is
downloaded from the cloud as an SQLite database then becomes read-only
on the phone.  That's about 70 billion databases used as containers.
So lots of people are using SQLite as a container.  And those numbers
are for Android only.  Indications are that iOS is even bigger.

We work very hard to ensure that those billions and billions of data
containers in circulation are not a security risk.

That said, Jens' remarks made me realize that the SQLite archive code
has not been updated recently to implement the best practices outlined
in the first document above.  The existing code is safe.  But I'll get
busy and add the extra layers of defense to make it even safer.
-- 
D. Richard Hipp
d...@sqlite.org
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
