Being a windows developer myself, I've never really looked into locking down an application at the file level, however, here are a couple things that you can look into.
You can create a user from the command line. Instructions here: http://www.itechtalk.com/thread16618.html (google: create user command line) You can probably skip on setting the user as an administrator, however, this will become pretty key as, again from the command line, you can set file permissions on your database so that this new user has access to the file only. http://www.techrepublic.com/article/use-caclsexe-to-view-and-manage-windows-acls/1050976 (google: windows cacls) In whatever language you're running, you SHOULD be able to access a file as that new user. Take for instance http://www.djekldevelopments.co.uk/microsoft-visual-basic-net-programmers-cookbook/source/6797final/lib0319.html (google: windows api run program as different user) But PLEASE take heed; If you have a kind of information that you want to protect the user from getting access to, this is *NOT* the proper manor of doing so. This will make it more interesting for an (ab)user to get to the file, however, anyone with sufficient rights can just take ownership of the file, change the file permissions, and still gain access to the file. In reality, SQLite PROBABLY isn't the right answer for you to begin with since you DO want to lock down the access. But then again, you also need to decide at what level you want to protect the data. If you're looking for a total, 100% secure method of protecting your data, you manage it in-house, and your clients access it remotely, or in my case where I work, the customer buys the machines to our specifications, we install our software on them in our office, ship them off after some burn in time, and then we manage them remotely, and the user has zero access to the machine aside from what we provide them with our software. On Mon, Feb 11, 2013 at 7:03 AM, Robert Hairgrove <evorgri...@hispeed.ch>wrote: > On Mon, 2013-02-11 at 11:04 +0000, SR Volatile wrote: > > Is there any option to encrypt fields in a table when creating it? > > There is the SQLite Encryption Extension (SEE): > http://www.hwaci.com/sw/sqlite/see.html > > It is not free. But it looks like it does a pretty good job (I never > used it myself). > > Other than that, you can encrypt/decrypt the data in your application > using some 3rd party encryption software. Depending on your security > needs, please be aware that no encryption mechanism is 100% safe, and to > achieve an adequate level of security through encryption is anything but > trivial. > > Of course, my suggestion to make the file read-only does not prohibit > users from reading the data, only from editing it. You'd have to deny > read AND write access to any users except for those using the database > to prevent all prying eyes. > > Although setting up such permissions is fairly straightforward on a *nix > system, I believe that more recent versions of Windows allow user-level > permissions as well. > > And I still think this is probably the best way to go with any > file-based RDBMS because once the file-system security is breached, the > database file can be copied and a dedicated intruder can hack away at > leisure to remove whatever encryption there is. > > _______________________________________________ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
