Hi all, I have a question about security considerations for using sqlite.
Suppose I have two processes which communicate via a shared database. One process is internet-facing, and therefore carries a risk of being compromised. The second process is running under a different uid, and has access to other files which should be kept private. The database is a trust boundary.

To what extent is this IPC mechanism a risk of privilege escalation, whereby any malicious code injected into the first process might be able to use the shared database to attack the second process?

Obviously there is a need for both applications to handle the data retrieved from that database in a secure manner, but are there other risks/considerations from the sqlite library itself?

There are some obvious and maybe unavoidable denial-of-service risks: the first process might fill up the disk, or (I'm guessing here) hold onto locks for too long. Any other considerations?

Thanks in advance,

_______________________________________________
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
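An added example, not part of the original post: a sketch in Python's sqlite3 module of the privileged reader in this scenario bounding how long it waits on a lock and re-validating every value it reads. The `jobs` table, its columns and the limits are assumptions made for illustration.

```python
import os
import sqlite3
import tempfile

MAX_SIZE = 1 << 20   # assumed application limit
MAX_NAME = 64        # assumed application limit
MAX_ROWS = 1000      # assumed cap so a flooded table cannot exhaust memory

def read_jobs(path, wait_seconds=0.2):
    """Privileged-side read: bounded lock wait, every value re-validated."""
    con = sqlite3.connect(path, timeout=wait_seconds)
    try:
        # Refuse application-defined functions and virtual tables invoked from
        # the schema (views, triggers, CHECK constraints). SQLite >= 3.31;
        # older versions silently ignore the unknown pragma.
        con.execute("PRAGMA trusted_schema=OFF")
        rows = con.execute(
            "SELECT id, size, name FROM jobs LIMIT ?", (MAX_ROWS,)).fetchall()
    except sqlite3.Error:
        # Lock held past the timeout, or a malformed file: report, do not hang.
        return "unavailable", [], 0
    finally:
        con.close()
    accepted = []
    for job_id, size, name in rows:
        # Declared types are only affinities: an INTEGER column can hold TEXT
        # or BLOB, so check the Python type as well as the range.
        if (isinstance(size, int) and 0 <= size <= MAX_SIZE
                and isinstance(name, str) and len(name) <= MAX_NAME):
            accepted.append((job_id, size, name))
    return "ok", accepted, len(rows) - len(accepted)

def demo():
    """Constructed scenario: an untrusted writer, then a writer holding the lock."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "shared.db")
        w = sqlite3.connect(path, isolation_level=None)  # stands in for the exposed process
        w.execute("CREATE TABLE jobs(id INTEGER PRIMARY KEY, size INTEGER, name TEXT)")
        w.executemany("INSERT INTO jobs(size, name) VALUES (?, ?)", [
            (10, "report"), ("ten", "wrong type"), (5, b"\x00blob"),
            (-1, "negative"), (7, "n" * 1000)])
        first = read_jobs(path)
        w.execute("BEGIN EXCLUSIVE")   # writer takes the lock and never commits
        second = read_jobs(path)
        w.execute("ROLLBACK")
        w.close()
        return first, second

if __name__ == "__main__":
    print(demo())
```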