On Mon, Feb 28, 2011 at 2:33 PM, Richard Hipp <d...@sqlite.org> wrote:

>
>
> On Mon, Feb 28, 2011 at 1:00 PM, Paweł Hajdan, Jr. <
> phajdan...@chromium.org> wrote:
>
>>
>> What do you think about adding a call like below to the VFS interface?
>>
>> int (*xOpenWrapper)(const char *path, int flags, int mode);
>>
>
> There are 2 billion instances of SQLite in active use today.  We don't want
> to go changing interfaces unless we absolutely have to.
>
> And there are additional complications.  Based on what we can figure out
> about how your sandbox works, you'll also need overloads for access(),
> stat(), and unlink().  Presumably you have no need for dlopen() which is
> used for run-time loadable extensions to SQLite, but if you use that
> feature you'll need an overload for it too.  We might yet think of others,
> but already we see there are at least three interfaces (we could probably
> combine access and stat) that need to be overloaded.
>

SQLite converts relative pathnames (in sqlite3_open()) into absolute
pathnames before sending them into xOpen().  A call to getcwd() is necessary
for that.  Looks like that call, too, will need to be intercepted and
handled by the supervisor process.  Or you can work around it by always
handing full pathnames to sqlite3_open().



>
> We are also concerned about locking.  The documentation on Chromium
> sandboxing implies that a separate process does the open() and then sends
> over a file descriptor using IPC.  (I didn't know you could do that in
> unix.  In fact, I bet it requires a linux-only extension of some kind.
> Correct me if I'm wrong.)  But that makes us very concerned about how posix
> advisory locking will behave.  Posix advisory locks are mis-designed.  See
>
>      http://www.sqlite.org/src/artifact/64a2e0ebbb?ln=621,685
>
> Are you sure that posix advisory locking will work on a file descriptor
> that was allocated in a different process?  Have you tested it?
>
> So this all gets very complicated very fast.  And very hard to test.
>
> Suggestions:
>
> (1) Let's move this discussion to sqlite-...@sqlite.org
>
> (2) Can you set up a conf-call or video-conf between the Chromium
> developers who have an interest in this and the SQLite development team so
> that we can talk through the issues?
>
>
> --
> D. Richard Hipp
> d...@sqlite.org
>



-- 
D. Richard Hipp
d...@sqlite.org
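
[Added example, not part of the original message and not SQLite or Chromium code.] The quoted question about POSIX advisory locks on a descriptor opened in a different process can be tested directly: below, a broker process opens the file, passes the descriptor over a Unix-domain socket as SCM_RIGHTS ancillary data, the receiving child takes an fcntl() write lock on it, and the broker then asks the kernel with F_GETLK who owns the lock. The names pass_fd and lock_owned_by_receiver and the file path used to call them are assumptions made for this sketch.

```c
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Added example, not SQLite or Chromium code. Sends fd as SCM_RIGHTS ancillary
 * data when fd >= 0; when fd < 0, receives one descriptor and returns it. */
static int pass_fd(int sock, int fd) {
    char byte = 'F';                      /* at least one data byte must travel */
    union { struct cmsghdr align; char buf[CMSG_SPACE(sizeof(int))]; } ctl;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    memset(&ctl, 0, sizeof ctl);
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (fd >= 0) {
        c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof fd);
        memcpy(CMSG_DATA(c), &fd, sizeof fd);
        return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
    }
    if (recvmsg(sock, &msg, 0) != 1) return -1;
    c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* 1: the broker's F_GETLK names the receiving child as lock owner; 0: not; -1: error. */
int lock_owned_by_receiver(const char *path) {
    int sv[2], rc = -1, fd = -1;
    char ok = 0;
    struct flock lk = { .l_type = F_WRLCK, .l_whence = SEEK_SET };  /* whole file */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    pid_t child = fork();
    if (child == 0) {                     /* "sandboxed" side: never calls open() */
        close(sv[0]);
        ok = (fd = pass_fd(sv[1], -1)) >= 0 && fcntl(fd, F_SETLK, &lk) == 0;
        _exit(write(sv[1], &ok, 1) == 1 && read(sv[1], &ok, 1) < 0); /* hold lock until EOF */
    }
    close(sv[1]);
    if (child > 0 && (fd = open(path, O_RDWR | O_CREAT, 0600)) >= 0  /* broker opens */
        && pass_fd(sv[0], fd) == 0 && read(sv[0], &ok, 1) == 1 && ok
        && fcntl(fd, F_GETLK, &lk) == 0)
        rc = lk.l_type == F_WRLCK && lk.l_pid == child;
    close(sv[0]); close(fd);              /* EOF lets the child exit and drop its lock */
    if (child > 0) waitpid(child, NULL, 0);
    return rc;
}
```

A return value of 1 means the kernel attributes the lock to the process that called fcntl(), not to the process that called open(). The same per-process ownership means that a process closing any descriptor for the file drops all of that process's own locks on it.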