Re: [sqlite] SQLite encription
I didn't think it did, I will search for this. Thank you! ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
On Oct 19, 2009, at 9:49 AM, Francisc Romano wrote: > Hmm, well the thing is I am building an app that runs on Adobe AIR > which has > native support for SQLite. > > I am looking for an internal solution. Like setting a user > auth for > the SQLite database file to allow/deny acces? I believe Adobe AIR has built-in support for SQLite database encryption. Check your documentation. D. Richard Hipp d...@hwaci.com ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
Hmm, well the thing is I am building an app that runs on Adobe AIR which has native support for SQLite. Involving third-party software would probably involve having to install it on the computers of various users of the application which would complicate things a bit too much. I am looking for an internal solution. Like setting a user auth for the SQLite database file to allow/deny acces? ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
One can use a 3rd party tool such as a Alladdin HASP key. This encrypts the application, and optionally the database file too. The drivers for the program won't execute a program if it detects a debugger. This solution is of course limited to operating systems with the available drivers. Once nice thing about it is that you can encrypt a copy of the command line tool for yourself so that you can access the encrypted database. On Sun, Oct 18, 2009 at 11:25 PM, Roger Binnswrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Simon Slavin wrote: > > It happened again. DRH explained to me last time I asked. If someone > > posts from an address that isn't on this list, there's a delay before > > the post shows up because it waits for moderator approval. In the > > meantime the original poster often posts the same question again. > > It didn't happen again - yes I checked before responding. The original > post > made it to the list several days ago. This post was a brand new one - look > at the headers and you can see. > > Roger > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkrb3BkACgkQmOOfHg372QTwZgCgoUnLkoaB0jEgCiGd0kAvi+pH > oQIAoLc/iTrQ3oP6HIbMo/7frlOS5RTo > =WQYU > -END PGP SIGNATURE- > ___ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users > -- VerifEye Technologies Inc. 905-948-0015x245 7100 Warden Ave, Unit 3 Markham ON, L3R 8B5 Canada ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Simon Slavin wrote: > It happened again. DRH explained to me last time I asked. If someone > posts from an address that isn't on this list, there's a delay before > the post shows up because it waits for moderator approval. In the > meantime the original poster often posts the same question again. It didn't happen again - yes I checked before responding. The original post made it to the list several days ago. This post was a brand new one - look at the headers and you can see. Roger -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrb3BkACgkQmOOfHg372QTwZgCgoUnLkoaB0jEgCiGd0kAvi+pH oQIAoLc/iTrQ3oP6HIbMo/7frlOS5RTo =WQYU -END PGP SIGNATURE- ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Francisc Romano wrote: > Is it possible to encript SQLite databases so that they cannot be referenced > outside the program that uses it? > If not, can you set a user and password for a SQLite database? The answer has not changed from when you asked a few days ago. Roger -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkrbtgkACgkQmOOfHg372QQ93wCgliiiP+VGTvLLPVK5Lg6gVlZQ FR0An1bKG+4jzHQHdVgknuN/V0Hedii0 =bLiU -END PGP SIGNATURE- ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
[sqlite] SQLite encription
Hello! Is it possible to encript SQLite databases so that they cannot be referenced outside the program that uses it? If not, can you set a user and password for a SQLite database? Thank you! ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Francisc Romano wrote: > Is it possible to encript SQLite databases so that they cannot be referenced > outside the program that uses it? The SQLite database file has to be accessible to the program using SQLite so no matter what you do, a malicious user on the same machine will be able access the contents should they try hard enough. Using the SQLite encryption extension (see Simon's post) will make that harder for the casual bad guy. As a simple example the malicious user can run your program under a debugger. You can set local permissions to try and prevent that but then you are relying on the local operating system to never have privilege elevation bugs (unlikely) or never to be tricked by virtualization (again unlikely). If you want your data to be truly secured then you have to store it separately under your own control and have clients request pieces as needed. Of course there is still nothing preventing them from republishing those pieces. Roger -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkraLJ4ACgkQmOOfHg372QQBTwCeNw30EP5DReFqgNfzN7duE/ZG IP4AmwQ4AuP3lJOQNbwBpW6Ah67Mo3Kl =yO+/ -END PGP SIGNATURE- ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
Re: [sqlite] SQLite encription
On 17 Oct 2009, at 1:11am, Francisc Romano wrote: > Is it possible to encript SQLite databases so that they cannot be > referenced > outside the program that uses it? > If not, can you set a user and password for a SQLite database? The head honcho of SQLite runs a company that has a product which adds this facility: http://www.hwaci.com/sw/sqlite/see.html Once your code has supplied the encryption/decryption password, all the other commands are the same as they'd be when using an unencrypted database. Simon. ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
[sqlite] SQLite encription
Hello! Is it possible to encript SQLite databases so that they cannot be referenced outside the program that uses it? If not, can you set a user and password for a SQLite database? Thank you! ___ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users