It's security 101... a single point of authentication is better than many points doing their own checks. I do in fact write the code to write or not as needed, but last count I have 43,000 lines of code and I'm smart enough to know I'm not perfect. Good security is done in layers and in this case one layer should be a final check on if the current handle is authorized to write to the database.
I did actually think of chmodding the file with every connection. With multiple processes connecting to the database constantly (some with authorization to write, some not) I'm not sure how well that will work. If anybody has any experience in that sort of solution I'd be interested to hear about it. On Sat, Mar 7, 2009 at 12:27 PM, P Kishor <punk.k...@gmail.com> wrote: > On Sat, Mar 7, 2009 at 10:59 AM, Tom Spencer <tspenc...@gmail.com> wrote: >> Is there a way to set the current database handle as read-only? I'm >> connecting to an SQLite3 database (actually two including an attached >> database) using Perl with DBD::SQLite, which doesn't seem to implement >> the ReadOnly database handle attribute. Is there some kind of setting >> or pragma that will set the handle as read only just for that >> connection? >> > > > This is puzzling... you are the one writing the programs... just don't > write to the database. How hard can that be? > > On the other hand, you can always just chmod the SQLite db file to 444. > > > > -- > Puneet Kishor http://www.punkish.org/ > Nelson Institute for Environmental Studies http://www.nelson.wisc.edu/ > Carbon Model http://carbonmodel.org/ > Open Source Geospatial Foundation http://www.osgeo.org/ > Sent from: Madison WI United States. > _______________________________________________ > sqlite-users mailing list > sqlite-users@sqlite.org > http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
