Re: [sqlite] Fwd: How to prevent View sqlite database structure and contents from database browsers
Being a windows developer myself, I've never really looked into locking down an application at the file level, however, here are a couple things that you can look into. You can create a user from the command line. Instructions here: http://www.itechtalk.com/thread16618.html (google: create user command line) You can probably skip on setting the user as an administrator, however, this will become pretty key as, again from the command line, you can set file permissions on your database so that this new user has access to the file only. http://www.techrepublic.com/article/use-caclsexe-to-view-and-manage-windows-acls/1050976 (google: windows cacls) In whatever language you're running, you SHOULD be able to access a file as that new user. Take for instance http://www.djekldevelopments.co.uk/microsoft-visual-basic-net-programmers-cookbook/source/6797final/lib0319.html (google: windows api run program as different user) But PLEASE take heed; If you have a kind of information that you want to protect the user from getting access to, this is *NOT* the proper manor of doing so. This will make it more interesting for an (ab)user to get to the file, however, anyone with sufficient rights can just take ownership of the file, change the file permissions, and still gain access to the file. In reality, SQLite PROBABLY isn't the right answer for you to begin with since you DO want to lock down the access. But then again, you also need to decide at what level you want to protect the data. If you're looking for a total, 100% secure method of protecting your data, you manage it in-house, and your clients access it remotely, or in my case where I work, the customer buys the machines to our specifications, we install our software on them in our office, ship them off after some burn in time, and then we manage them remotely, and the user has zero access to the machine aside from what we provide them with our software. On Mon, Feb 11, 2013 at 7:03 AM, Robert Hairgrovewrote: > On Mon, 2013-02-11 at 11:04 +, SR Volatile wrote: > > Is there any option to encrypt fields in a table when creating it? > > There is the SQLite Encryption Extension (SEE): > http://www.hwaci.com/sw/sqlite/see.html > > It is not free. But it looks like it does a pretty good job (I never > used it myself). > > Other than that, you can encrypt/decrypt the data in your application > using some 3rd party encryption software. Depending on your security > needs, please be aware that no encryption mechanism is 100% safe, and to > achieve an adequate level of security through encryption is anything but > trivial. > > Of course, my suggestion to make the file read-only does not prohibit > users from reading the data, only from editing it. You'd have to deny > read AND write access to any users except for those using the database > to prevent all prying eyes. > > Although setting up such permissions is fairly straightforward on a *nix > system, I believe that more recent versions of Windows allow user-level > permissions as well. > > And I still think this is probably the best way to go with any > file-based RDBMS because once the file-system security is breached, the > database file can be copied and a dedicated intruder can hack away at > leisure to remove whatever encryption there is. > > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] Fwd: How to prevent View sqlite database structure and contents from database browsers
SQLite has no knowledge of users or password protection. Unlike MSSQL or MySQL or Oracle, you don't log into the database with a username and password, and there is no real DBMS to handle permissions. Filesystem level locking is pretty much the closest thing you're going to get to protecting the data within. I'd suggest encryption to at least block people from getting access to the file content, however, once the encryption is broken, R/W access will be permitted. If you want a total "black box" scenario, this is probably going to be your best bet. If you want to block write access, you could create a new user account, give RW permissions to that user, then give just R access to everyone else. ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] Fwd: How to prevent View sqlite database structure and contents from database browsers
On Fri, 08 Feb 2013 19:46:49 +0100, Kees Nuytwrote: > ... to black access ... ... to block access ... Note to self: proofread thoroughly. -- Groet, Cordialement, Pozdrawiam, Regards, Kees Nuyt ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] Fwd: How to prevent View sqlite database structure and contents from database browsers
On Fri, 08 Feb 2013 14:20:20 +0100, Robert Hairgrovewrote: >On Fri, 2013-02-08 at 13:13 +, SR Volatile wrote: >> Dear Sir/Madam, >> >> I am using Sqlite for my project. Currently, Sqlite database browser able >> to view / edit sqlite database structure and content. As part of my >> project, I don't want anybody to view/edit the database contents from any >> database browsers. >> Could you please suggest me, how can i achieve this? > >Since an SQLite database is a file, you could just set the file system >privileges to read-only. That would prevent write access for the application. Depending on the circumstances, it might be possible to use ACL or user:group ownership and account/group/other permissions to black access to the database file for every user:group, except the application user:group. Another possibility is database encryption, in a way that only the application can know the key. See http://sqlite.org/support.html -- Groet, Cordialement, Pozdrawiam, Regards, Kees Nuyt ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] Fwd: How to prevent View sqlite database structure and contents from database browsers
On Fri, 2013-02-08 at 13:13 +, SR Volatile wrote: > Dear Sir/Madam, > > I am using Sqlite for my project. Currently, Sqlite database browser able > to view / edit sqlite database structure and content. As part of my > project, I don't want anybody to view/edit the database contents from any > database browsers. > Could you please suggest me, how can i achieve this? Since an SQLite database is a file, you could just set the file system privileges to read-only. ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
[sqlite] Fwd: How to prevent View sqlite database structure and contents from database browsers
Dear Sir/Madam, I am using Sqlite for my project. Currently, Sqlite database browser able to view / edit sqlite database structure and content. As part of my project, I don't want anybody to view/edit the database contents from any database browsers. Could you please suggest me, how can i achieve this? Thanks in advance and looking forward to hear from you. Sincerely, ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users