John Richard Moser wrote:
Is sqlite3_open() safe?
By safe, I mean does it create the database file with O_EXCL if it
doesn't exist, with permissions either matching umask() or with 0600
permissions? I don't want to encounter random races here.
SQLite databases are designed to be shared by two or more
processes, so no it does not use O_EXCL. New files are
created using 0644. If you want a different permission
setting, do something like
close(open(zFilename, O_CREAT, 0600));
prior to opening.
Temporary files and rollback journals are opened using
both O_EXCL and O_NOFOLLOW and permissions 0600. And
temporary file names contain a lot of randomness. All
these measures are to combat unforeseen vulnerabilities
due to races, though to be honest, it isn't clear what
kind of vulnerabilities might be created if these
measures were not use.
--
D. Richard Hipp -- [EMAIL PROTECTED] -- 704.948.4565
