On Tuesday, 21 January, 2020 05:28, Richard Hipp <d...@sqlite.org> wrote:
>On 1/21/20, Keith Medcalf <kmedc...@dessus.com> wrote:
>> Richard,
>>
>> The TRUSTED_SCHEMA setting works really well but I have noticed one
>> problem (there may be more, but I haven't run across any yet) with
>> it that is perhaps easy to address, though it needs to be done
>> properly. That is perhaps adding an innocuous flag to pragma
>> definitions in mkpragmatab.tcl so that it can be carried through
>> into the vtable code that handles pragma_<pragma_name> xConnect
>> method.
>>
>> This would permit pragmas such as table_info (for example) to be
>> marked as innocuous so that pragma_table_info could be used in a
>> view even when the schema is untrusted.
>
> That would potentially leak information about the schemas of other
> attached database files. It seems like a harmless information leak,
> but it is a leak nevertheless.
>
> If you are setting untrusted schema (as you probably should) but you
> need to use pragma virtual tables inside of triggers and views,
> consider putting them inside TEMP triggers and views. TEMP triggers
> and views, because they must originate in the application itself, are
> always trusted.

Done, tested, and putting those views in temp works just fine. And yes, I agree that not marking the pragma vtabs as innocuous is the right thing.

--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
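The behaviour discussed in this thread, as an added example that is not part of the original messages: with `trusted_schema` off, a view stored in the main schema that reads `pragma_table_info` is rejected at query time, while the same view created as a TEMP view works. The `accounts` table and both view names are constructed for illustration, and the example assumes SQLite 3.31.0 or later.

```python
import sqlite3

# Constructed sample schema; table and view names are illustrative assumptions.
SETUP = """
CREATE TABLE accounts(id INTEGER PRIMARY KEY, owner TEXT NOT NULL, balance REAL);
-- Stored in the database file, so it is part of the (untrusted) schema.
CREATE VIEW main.accounts_cols AS
    SELECT name, type FROM pragma_table_info('accounts');
-- Same query as a TEMP view: it exists only for this connection and
-- therefore must have been defined by the application itself.
CREATE TEMP VIEW accounts_cols_tmp AS
    SELECT name, type FROM pragma_table_info('accounts');
"""


def run(conn, sql):
    """Return ('ok', rows) or ('error', message) for one statement."""
    try:
        return "ok", conn.execute(sql).fetchall()
    except sqlite3.OperationalError as exc:
        return "error", str(exc)


def demo():
    conn = sqlite3.connect(":memory:")
    # Treat everything stored in the schema as potentially hostile.
    conn.execute("PRAGMA trusted_schema = OFF")
    conn.executescript(SETUP)
    results = {
        # Top-level SQL from the application: always allowed.
        "direct": run(conn, "SELECT name, type FROM pragma_table_info('accounts')"),
        # Pragma vtab reached through schema DDL: refused when untrusted.
        "main_view": run(conn, "SELECT * FROM main.accounts_cols"),
        # Pragma vtab reached through a TEMP view: allowed.
        "temp_view": run(conn, "SELECT * FROM temp.accounts_cols_tmp"),
    }
    conn.close()
    return results


if __name__ == "__main__":
    for name, (status, detail) in demo().items():
        print(f"{name:10} {status:6} {detail}")
```

The `CREATE VIEW` itself succeeds in both cases; the check is applied when a statement that expands the view is prepared.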