When running in Windows under SYSTEM context, such as in a service, there are issues when using impersonation and trying to update a sqlite database.
How to reproduce: 1. In SYSTEM context, create a directory that only SYSTEM as access to. 2. Open/ create a database in this directory. All subsequent steps are assumed to use the connection object opened here. 3. Impersonate a lower level user, such as the person on console 4. Insert a record into a table. Expected Result: Record is inserted Actual Result: SQLITE_CANTOPEN is returned Root Cause: The insert attempts to create or open the journals and write-ahead logs. Since it's now running in user context, the directory is inaccessible. Any attempt to open or create the file fails with ERROR_ACCESS_DENIED. Workaround: Stop impersonation before doing any database operations. Suggested Fix: Add a PRAGMA or sqlite3_db_config / sqlite3_config option that keeps the various files associated with a connection open rather than closing them when done. Rob _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
