On Tue, Oct 12, 2010 at 8:40 AM, Drake Wilson <dr...@begriffli.ch> wrote: > Just to clarify, a trigger isn't useful for this in general, because > you still have nowhere to get the function pointer from. Above I was > worrying that the current SQLite code might be less safe than it could > be as a result of allowing this in triggers by default.
Since the tokenizer-registration code accepts an encoded pointer to a vtable, it probably should be considered unsafe to expose to users. For Gears and Chrome, where SQLite is exposed to web developers, we did manual tokenizer registration and disabled the SQL-based registration code. This can be done using authorizers. -scott _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
