I decided to test this so here's an almost-complete example minus any
cross-checks on the tables which you should ultimately do.
This implements exclusion rules which is what you've been describing.
You can make them inclusion rules if you just remove the "not" in the select
statement below, but
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/17/2011 06:29 AM, Simon Slavin wrote:
> Of course my hacked SQLite library
You don't have to hack the SQLite library. Simply create a virtual table
with the table name they expect and filter out rows as appropriate. The
real table can be in
On 17 Jul 2011, at 2:00pm, Pavel Ivanov wrote:
>> I can only control the databases and the libsqlite.so.
>> Is everything clear?
>
> How do you do that, I wonder? Why do you think that applications you
> don't control will always use your libsqlite.so? They may not use
> libsqlite.so at all
Analytics Directorate
From: sqlite-users-boun...@sqlite.org [sqlite-users-boun...@sqlite.org] on
behalf of san long [kerneltrap...@gmail.com]
Sent: Sunday, July 17, 2011 1:00 AM
To: General Discussion of SQLite Database
Subject: EXT :Re: [sqlite] Hidding records from
> I can only control the databases and the libsqlite.so.
> Is everything clear?
How do you do that, I wonder? Why do you think that applications you
don't control will always use your libsqlite.so? They may not use
libsqlite.so at all (compile SQLite sources into application) or use
whatever
> actually I don't know how to get my rules yet, but let's assume the
> rules
> exist and we can get it from a function.
> get_forbidden_ids()
I've never done it, so don't know whether it's possible, but you may
be able to create a virtual table on top of the real table which calls
actually I don't know how to get my rules yet, but let's assume the rules
exist and we can get it from a function.
get_forbidden_ids()
2011/7/17 Simon Slavin
>
> On 17 Jul 2011, at 4:03am, san long wrote:
>
> > (process name)
>
> Implement this logic in your programming
On 17 Jul 2011, at 4:03am, san long wrote:
> (process name)
Implement this logic in your programming language, or do it by having your app
consult a table to see what has access to what database.
SQL is a database language. You put data in and get the same data out again.
You don't get
It seems that my words are still ambiguous, let me make it further clear.
there are many processes in the system (ie, linux ), they use the sqlite
databases, I add many rules to allow/forbidden their access to the
databases, such as:
"A" (process name) can see all records except rowid 1,2
"B"
>I want to make things clear. there are some rules in my system, such
>as : process whose name is proc_host can see all the records, and
>process whose name is proc_client1 can see all the records except
>rowid 1.
First, keep away of relying on rowid values since they may change if
you don't
On 16 Jul 2011, at 5:18pm, san long wrote:
> I want to make things clear. there are some rules in my system, such
> as : process whose name is proc_host can see all the records, and
> process whose name is proc_client1 can see all the records except
> rowid 1.
> It looks like temporary view and
On Fri, Jul 15, 2011 at 6:19 PM, san long wrote:
> Dear all,
> I have an idea related to the safety of the records in a table: if it is
> possible to hide some records in a table so the upper user application could
> not see them?
> For example:
> table food has content:
Is an untrusted end user writing queries?
Are there clients other than proc_host and proc_client1? If there is a
proc_cleint2, would it also see all rows except rowid = 1?
If there is only proc_clent1, then create a permanent view of:
Select * from mytable where mytable.rowid<>1
But I deeply
Thanks for replies.
I want to make things clear. there are some rules in my system, such
as : process whose name is proc_host can see all the records, and
process whose name is proc_client1 can see all the records except
rowid 1.
It looks like temporary view and temporary table is good solutions,
I don't know I have much to offer here as I still really don't
understand what you are trying to accomplish.
But I looked and it appears that sqlite supports TEMPORARY VIEW, which,
I believe, is only visible to the process that created it. And it will
automatically go away when that process
san long wrote:
> right, but now I just want to hide these records to all processes.
Just delete them. That would have the same observable effect.
--
Igor Tandetnik
___
sqlite-users mailing list
sqlite-users@sqlite.org
san long wrote:
> It doesn't matter no application can see the underlying data as long as they
> exist physically. I just want to hide them.
If no application whatsoever can see them, what does it mean for them to exist?
How can you observe the difference between
From: sqlite-users-boun...@sqlite.org [sqlite-users-boun...@sqlite.org] on
behalf of san long [kerneltrap...@gmail.com]
Sent: Friday, July 15, 2011 11:01 PM
To: General Discussion of SQLite Database
Subject: EXT :Re: [sqlite] Hidding records from the application
sqlite3 support a trigger on SELECT
On 16 Jul 2011, at 4:56am, san long wrote:
> haha, if I CREATE VIEW in process A and DROP VIEW when A dies. Process
> B could see this VIEW or not?
> A and B run at the same thime.
Process B can see the VIEW until process A DROPs the VIEW.
On 16 Jul 2011, at 5:01am, san long wrote:
> sqlite3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/15/2011 09:01 PM, san long wrote:
> sqlite3 support a trigger on SELECT ? View is a good solution, but I
> want to let different process see different records, like:
> pid A sees rowid 1,2
> pid B sees rowid 1,3
Add a column to the table for
sqlite3 support a trigger on SELECT ? View is a good solution, but I
want to let different process see different records, like:
pid A sees rowid 1,2
pid B sees rowid 1,3
2011/7/16, san long :
> haha, if I CREATE VIEW in process A and DROP VIEW when A dies. Process
> B
haha, if I CREATE VIEW in process A and DROP VIEW when A dies. Process
B could see this VIEW or not?
A and B run at the same thime.
2011/7/16, Simon Slavin :
>
> On 16 Jul 2011, at 4:23am, san long wrote:
>
>> Thanks for advice, delete or update the record in a view could
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 07/15/2011 06:19 PM, san long wrote:
> Is there any good solution to satisfy my requirement?
Since you want absolutely nothing to see them, delete them.
Or make triggers to copy data between the real table that contains all the
data and your
On 16 Jul 2011, at 4:23am, san long wrote:
> Thanks for advice, delete or update the record in a view could affect the
> true table in sqlite now?
No. Either use the VIEW for SELECT and the TABLE for changes, or implement
triggers so attempts to change your VIEW actually change the underlying
right, but now I just want to hide these records to all processes.
2011/7/16 Igor Tandetnik
> On 7/15/2011 9:19 PM, san long wrote:
> > Dear all,
> > I have an idea related to the safety of the records in a table: if it is
> > possible to hide some records in a table so the
Thanks for advice, delete or update the record in a view could affect the
true table in sqlite now?
And, if I create a view dynamically using sqlite3_exec, is it visible to
other process who opens the same database?
2011/7/16 Simon Slavin
>
> On 16 Jul 2011, at 2:19am, san
Thanks for replies.
It doesn't matter no application can see the underlying data as long as they
exist physically. I just want to hide them.
2011/7/16 Simon Slavin
>
> On 16 Jul 2011, at 2:32am, Danny wrote:
>
> > In my mainframe days, using IDMS/SQL, I limited user
On 16 Jul 2011, at 2:32am, Danny wrote:
> In my mainframe days, using IDMS/SQL, I limited user access to table data,
> down to the column level, based upon logged on userid. This was accomplished
> via database procedures. I'm new to SQLite, so don't know if it has any
> similar
: Igor Tandetnik <itandet...@mvps.org>
>To: sqlite-users@sqlite.org
>Sent: Friday, July 15, 2011 9:24 PM
>Subject: Re: [sqlite] Hidding records from the application
>
>On 7/15/2011 9:19 PM, san long wrote:
>> Dear all,
>> I have an idea related to the safety of the r
On 16 Jul 2011, at 2:19am, san long wrote:
> I have an idea related to the safety of the records in a table: if it is
> possible to hide some records in a table so the upper user application could
> not see them?
You could CREATE a VIEW which selected just some rows of a TABLE.
Simon.
On 7/15/2011 9:19 PM, san long wrote:
> Dear all,
> I have an idea related to the safety of the records in a table: if it is
> possible to hide some records in a table so the upper user application could
> not see them?
> For example:
> table food has content:
> 1, "food A"
> 2, "food B"
> I want
Dear all,
I have an idea related to the safety of the records in a table: if it is
possible to hide some records in a table so the upper user application could
not see them?
For example:
table food has content:
1, "food A"
2, "food B"
I want to hide the record whose rowid is 2, so:
sqlite> SELECT
32 matches
Mail list logo