On Mon, Feb 29, 2016 at 2:18 PM, Simon Slavin <slavins at bigfraud.org> wrote:
> Another way would be to write your own authorizer which, among other > things, did some encryption of the data involved. > <https://www.sqlite.org/c3ref/set_authorizer.html> It's the first time I read someone proposing using an authorizer has more than just a "predicate". And quickly reading the doc, and it doesn't seem like modifying the SQL (to inject some function calls to do encryption/decryption on the fly), as would be required for "cell"-level encryption. Can an authorizer really be "abused" that way? Thanks, --DD
