On 12/12/19, test user <example.com.use...@gmail.com> wrote:
> Hello,
>
> How can I secure user supplied SQL statements in a single process?

See https://www.sqlite.org/security.html for an introduction.

Other suggestions:

(1) Run the process that is evaluating user-supplied SQL in a sandbox,
where it can do no harm if it does malfunction.

(2) Limit the SQL to verified users.  Do not allow SQL from anonymous
robots on the internet.

(3) Restrict the scope of SQL using the authorizer, if possible.

(4) Always use the latest available version of SQLite with all the
latest patches.

-- 
D. Richard Hipp
d...@sqlite.org
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
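
Suggestion (3) in practice, as an added example that is not part of the original message: a default-deny authorizer installed through Python's standard `sqlite3` module (`Connection.set_authorizer`, which wraps SQLite's `sqlite3_set_authorizer`). The table names, sample rows, allowlists and helper names are constructed for illustration.

```python
import sqlite3

# Constructed policy: the only table and SQL functions untrusted queries may use.
ALLOWED_TABLES = {"notes"}
ALLOWED_FUNCTIONS = {"count", "length", "lower", "upper"}

def authorizer(action, arg1, arg2, db_name, source):
    """Default-deny callback: read-only access to allowlisted tables."""
    if action == sqlite3.SQLITE_SELECT:
        return sqlite3.SQLITE_OK
    # For SQLITE_READ, arg1 is the table name and arg2 the column name.
    if action == sqlite3.SQLITE_READ and arg1 in ALLOWED_TABLES:
        return sqlite3.SQLITE_OK
    # For SQLITE_FUNCTION, arg2 is the function name.
    if action == sqlite3.SQLITE_FUNCTION and arg2 in ALLOWED_FUNCTIONS:
        return sqlite3.SQLITE_OK
    # Everything else fails at prepare time: writes, ATTACH, PRAGMA,
    # schema changes, reads of sqlite_master or any other table.
    return sqlite3.SQLITE_DENY

def open_restricted():
    """Build a constructed sample database, then install the authorizer."""
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.executescript("""
        CREATE TABLE notes(id INTEGER PRIMARY KEY, body TEXT);
        CREATE TABLE users(name TEXT, password_hash TEXT);
        INSERT INTO notes(body) VALUES ('first'), ('second');
        INSERT INTO users VALUES ('alice', 'constructed-hash');
    """)
    conn.set_authorizer(authorizer)  # trusted setup is done before this point
    return conn

def run_untrusted(conn, sql):
    """Return (True, rows) or (False, error text) for one untrusted statement."""
    try:
        return True, conn.execute(sql).fetchall()
    except (sqlite3.Error, sqlite3.Warning) as exc:
        return False, str(exc)

if __name__ == "__main__":
    conn = open_restricted()
    for sql in ("SELECT count(*) FROM notes",
                "SELECT name FROM users",
                "DELETE FROM notes",
                "ATTACH DATABASE ':memory:' AS other",
                "PRAGMA table_info(users)"):
        print(sql, "->", run_untrusted(conn, sql))
```

The authorizer narrows what a statement may touch; it does not bound CPU or memory use, so it complements the sandboxing in suggestion (1) rather than replacing it.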