Re: [sqlite] SQLite encription

[Francisc Romano]

I didn't think it did, I will search for this.
Thank you!
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[D. Richard Hipp]

On Oct 19, 2009, at 9:49 AM, Francisc Romano wrote:

> Hmm, well the thing is I am building an app that runs on Adobe AIR  
> which has
> native support for SQLite.
>
> I am looking for an internal solution. Like setting a user  
> auth for
> the SQLite database file to allow/deny acces?


I believe Adobe AIR has built-in support for SQLite database  
encryption.  Check your documentation.

D. Richard Hipp
d...@hwaci.com



___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[Francisc Romano]

Hmm, well the thing is I am building an app that runs on Adobe AIR which has
native support for SQLite.
Involving third-party software would probably involve having to install it
on the computers of various users of the application which would complicate
things a bit too much.

I am looking for an internal solution. Like setting a user auth for
the SQLite database file to allow/deny acces?
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[Adam DeVita]

One can use a 3rd party tool such as a Alladdin HASP key.  This encrypts the
application, and optionally the database file too.  The drivers for the
program won't execute a program if it detects a debugger.  This solution is
of course limited to operating systems with the available drivers.  Once
nice thing about it is that you can encrypt a copy of the command line tool
for yourself so that you can access the encrypted database.

On Sun, Oct 18, 2009 at 11:25 PM, Roger Binns  wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Simon Slavin wrote:
> > It happened again.  DRH explained to me last time I asked.  If someone
> > posts from an address that isn't on this list, there's a delay before
> > the post shows up because it waits for moderator approval.  In the
> > meantime the original poster often posts the same question again.
>
> It didn't happen again - yes I checked before responding.  The original
> post
> made it to the list several days ago.  This post was a brand new one - look
> at the headers and you can see.
>
> Roger
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkrb3BkACgkQmOOfHg372QTwZgCgoUnLkoaB0jEgCiGd0kAvi+pH
> oQIAoLc/iTrQ3oP6HIbMo/7frlOS5RTo
> =WQYU
> -END PGP SIGNATURE-
> ___
> sqlite-users mailing list
> sqlite-users@sqlite.org
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>



-- 
VerifEye Technologies Inc.
905-948-0015x245
7100 Warden Ave, Unit 3
Markham ON, L3R 8B5
Canada
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[Roger Binns]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Simon Slavin wrote:
> It happened again.  DRH explained to me last time I asked.  If someone  
> posts from an address that isn't on this list, there's a delay before  
> the post shows up because it waits for moderator approval.  In the  
> meantime the original poster often posts the same question again.

It didn't happen again - yes I checked before responding.  The original post
made it to the list several days ago.  This post was a brand new one - look
at the headers and you can see.

Roger
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkrb3BkACgkQmOOfHg372QTwZgCgoUnLkoaB0jEgCiGd0kAvi+pH
oQIAoLc/iTrQ3oP6HIbMo/7frlOS5RTo
=WQYU
-END PGP SIGNATURE-
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[Roger Binns]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Francisc Romano wrote:
> Is it possible to encript SQLite databases so that they cannot be referenced
> outside the program that uses it?
> If not, can you set a user and password for a SQLite database?

The answer has not changed from when you asked a few days ago.

Roger
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkrbtgkACgkQmOOfHg372QQ93wCgliiiP+VGTvLLPVK5Lg6gVlZQ
FR0An1bKG+4jzHQHdVgknuN/V0Hedii0
=bLiU
-END PGP SIGNATURE-
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[Roger Binns]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Francisc Romano wrote:
> Is it possible to encript SQLite databases so that they cannot be referenced
> outside the program that uses it?

The SQLite database file has to be accessible to the program using SQLite so
no matter what you do, a malicious user on the same machine will be able
access the contents should they try hard enough.  Using the SQLite
encryption extension (see Simon's post) will make that harder for the casual
bad guy.

As a simple example the malicious user can run your program under a
debugger.  You can set local permissions to try and prevent that but then
you are relying on the local operating system to never have privilege
elevation bugs (unlikely) or never to be tricked by virtualization (again
unlikely).

If you want your data to be truly secured then you have to store it
separately under your own control and have clients request pieces as needed.
 Of course there is still nothing preventing them from republishing those
pieces.

Roger
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkraLJ4ACgkQmOOfHg372QQBTwCeNw30EP5DReFqgNfzN7duE/ZG
IP4AmwQ4AuP3lJOQNbwBpW6Ah67Mo3Kl
=yO+/
-END PGP SIGNATURE-
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] SQLite encription

[Simon Slavin]

On 17 Oct 2009, at 1:11am, Francisc Romano wrote:

> Is it possible to encript SQLite databases so that they cannot be  
> referenced
> outside the program that uses it?
> If not, can you set a user and password for a SQLite database?

The head honcho of SQLite runs a company that has a product which adds  
this facility:

http://www.hwaci.com/sw/sqlite/see.html

Once your code has supplied the encryption/decryption password, all  
the other commands are the same as they'd be when using an unencrypted  
database.

Simon.
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users