Peter, > On 8/3/17, 8:56 AM, "sqlite-users on behalf of Ulrich Telle" wrote: > > Nevertheless, I think the pointer type string restriction gives a false > > sense of security. > > You described creating a malicious extension that would give you the ability > to probe pointers by forging strings.
The description of the new pointer-passing interface gives the impression that restricting the pointer type parameter to static strings or literals prevents misuse of the new feature. And that is definitely not the case. It might be a hurdle for unsophisticated developers, but not for the experienced ones. > From a security point of view, once you have the ability to create > and deploy a malicious extension into a target host, you’ve already > got full local code execution access to that host anyway. Right. And therefore I think that the restriction to static strings or literals for the pointer type parameter just makes life a bit harder for honest developers of wrappers or the like, but prevents nothing. Without UDFs I think it is impossible to get access to pointers in pure SQL, so if someone wants to do malicious things he has to convince a user to load a malicious extension. Regards, Ulrich _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
