On Feb 27, 2009, at 8:17 AM, João Eiras wrote:
> Howdy!
>
> As you probably know, rendering engines are bundling SQLite to provide
> the HTML5 Database API to webpages and widgets.
> Then 3rd party webpages would access the database API to write data.
> There should be a way for the user agent to control quotas. I was told
> on IRC that currently such feature is not supported.
I am not sure what you mean by "quotas". But see the following:
http://www.sqlite.org/c3ref/limit.html
http://www.sqlite.org/pragma.html#pragma_max_page_count
http://www.sqlite.org/c3ref/set_authorizer.html
Between the max_page_count pragma, the sqlite3_limit() interface, and
the sqlite3_set_authorizer() interface, can you not sufficiently lock
down SQLite so that it is safe for use from potentially hostile
scripts? What do you think is missing?
D. Richard Hipp
[email protected]
_______________________________________________
sqlite-users mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
