Drake Wilson said: - However, it now occurs to me that it may be possible to use the - fts3_tokenizer() function in a trigger, which is probably a bad thing - when writing to untrusted databases.
I suppose the only way to accomplish it would be to recompile sqlite3 with my custom tokenizer in place. I think that may be more work that it is worth. The idea of using a trigger is interesting, though I suspect the performance hit from having to register the tokenizer on each connection is minimal. Travis -----Original Message----- From: sqlite-users-boun...@sqlite.org [mailto:sqlite-users-boun...@sqlite.org] On Behalf Of Drake Wilson Sent: October 8, 2010 9:02 PM To: General Discussion of SQLite Database Subject: Re: [sqlite] Registering a custom tokenizer per database rather than per connection Quoth Travis Orr <t...@ivl.com>, on 2010-10-08 13:37:25 -0700: > Is it possible to register a custom FTS3 tokenizer to be persistent in > the database so that it is available every time a connection is opened? Not really. How would this work? You open a database, and the function pointer for the tokenizer comes from... where? The physical pointer usually isn't guaranteed to be the same even for the same application running twice on the same machine. This would also have an impact on security: opening a database shouldn't allow it to access arbitrary C code from your program, and declaring which functions are allowed and which are not is just as much work as reregistering the tokenizer in the first place. However, it now occurs to me that it may be possible to use the fts3_tokenizer() function in a trigger, which is probably a bad thing when writing to untrusted databases. Hmm. ---> Drake Wilson _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
