It seems that my words are still ambiguous; let me make it clearer.
There are many processes in the system (i.e., Linux), and they use the SQLite
databases. I add many rules to allow/forbid their access to the
databases, such as:
"A" (process name) can see all records except rowid 1,2
"B"  .....except rowid 1,3
"C" ......except rowid 4,5
and so on. The rule could be updated at any time.
I can't control the actions of "A", "B", "C"; they have their own normal SQL,
so the WHERE clause can't be added except by modifying the source code of
sqlite3_exec() and changing the zSql parameter.
I can only control the databases and the libsqlite.so.
Is everything clear?




2011/7/17 Jean-Christophe Deschamps <[email protected]>

>
> >I want to make things clear. there are some rules in my system, such
> >as : process whose name is  proc_host can see all the records, and
> >process whose name is proc_client1 can see all the records except
> >rowid 1.
>
> First, keep away from relying on rowid values since they may change if
> you don't create an INTEGER primary key yourself.
>
> That said, I have a feeling you don't expose all your requirements.
>
> Now from what you've told, what I would do is encode the sensitive
> columns of your "protected" row(s) with any proven standard of your
> choice.  Share the key with all privileged processes and leave the
> other processes in the bush.  Eventually, have a boolean column called
> "secret_row" to sort that out and you're home.
>
> Whatever OS you use, you can probably have access to an easy-to-use
> system call to perform on the fly encryption.  Alternatively you can
> also code a simple known one yourself (relying on a proven algorithm)
> in your application.
>
> --
> <mailto:[email protected]>[email protected]
>
> _______________________________________________
> sqlite-users mailing list
> [email protected]
> http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
>
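
The caution in the quoted reply about relying on rowid values, shown as an added example that is not part of the original thread: a deny rule keyed on rowid 4 and 5 stops covering a protected row after an unrelated delete followed by VACUUM, while the same rule keyed on an explicit INTEGER PRIMARY KEY keeps covering it. The table names, the `payload` column and the sample rows are constructed for illustration, and the renumbering shown is what SQLite does on VACUUM for a table with no INTEGER PRIMARY KEY and no indexes.

```python
import os
import sqlite3
import tempfile

# Rule from the thread: process "C" sees every record except rowid 4 and 5.
HIDDEN_FROM_C = (4, 5)
TABLES = ("implicit_ids", "explicit_ids")  # constructed table names


def visible_to_c(conn, table):
    """Payloads "C" would receive if the rule is enforced by rowid."""
    marks = ",".join("?" * len(HIDDEN_FROM_C))
    sql = f"SELECT payload FROM {table} WHERE rowid NOT IN ({marks}) ORDER BY rowid"
    return [row[0] for row in conn.execute(sql, HIDDEN_FROM_C)]


def run_demo():
    """Return what "C" sees before and after routine maintenance."""
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    # Autocommit mode: VACUUM cannot run inside an open transaction.
    conn = sqlite3.connect(path, isolation_level=None)
    try:
        # Same data in both tables; only explicit_ids declares its own key.
        conn.execute("CREATE TABLE implicit_ids (payload TEXT)")
        conn.execute("CREATE TABLE explicit_ids (id INTEGER PRIMARY KEY, payload TEXT)")
        rows = [(f"row{i}",) for i in range(1, 6)]  # constructed sample rows
        for table in TABLES:
            conn.executemany(f"INSERT INTO {table} (payload) VALUES (?)", rows)
        before = {t: visible_to_c(conn, t) for t in TABLES}

        # An unprotected row is deleted, then the file is compacted.
        for table in TABLES:
            conn.execute(f"DELETE FROM {table} WHERE rowid = 2")
        conn.execute("VACUUM")
        after = {t: visible_to_c(conn, t) for t in TABLES}
        return before, after
    finally:
        conn.close()
        os.remove(path)


if __name__ == "__main__":
    before, after = run_demo()
    for table in TABLES:
        print(table, "before:", before[table], "after:", after[table])
```

In `implicit_ids` the protected `row4` moves to rowid 3 and becomes visible to "C"; in `explicit_ids` ids 4 and 5 still name the same rows.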