Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
About branch new-security-options
This branch strives to make it easier for applications to defend against attacks in which the attacker changes the schema of a database to include malicious SQL functions or virtual tables in trigger or views and then tricks the victim application into reading the database file and thereby running the malicious SQL as a consequence of doing an normal query.
See the design notes for details.
38 check-ins related to "new-security-options"
|
2020-01-09
| ||
| 20:44 | Merge in the untrusted-schema enhancements. See doc/trusted-schema.md for details. (check-in: 5720924c user: drh tags: trunk) | |
| 16:28 | Fix a problem in the encoding display in the updated PRAGMA function_list. (Closed-Leaf check-in: 318ff772 user: drh tags: new-security-options) | |
| 16:00 | Fix minor typos in the trusted-schema.md document. (check-in: 87aea3ab user: drh tags: new-security-options) | |
| 15:18 | Minor formatting changes in the trusted-schema.md document. (check-in: 55553b5e user: drh tags: new-security-options) | |
| 14:51 | Design notes for the new-security-options branch. (check-in: af7c1ed4 user: drh tags: new-security-options) | |
| 13:08 | Simplified error message for the unsafe use of a virtual table. (check-in: d662129a user: drh tags: new-security-options) | |
| 01:20 | Fix a problem that restricted edgy functions in TEMP tables. New test cases added. (check-in: 8878c407 user: drh tags: new-security-options) | |
|
2020-01-08
| ||
| 22:22 | Block edgy functions used in DEFAULT constraints. (check-in: da434dc1 user: drh tags: new-security-options) | |
| 20:37 | Performance improvements and test cases added. Allow "PRAGMA trusted_schema=ON" (check-in: 30882ca8 user: drh tags: new-security-options) | |
| 17:28 | Check for whether or not it is safe to use non-innocuous functions as the function is being coded, not when its name is resolved. (check-in: 1da802d5 user: drh tags: new-security-options) | |
| 15:44 | Provide the -innocuous option to the "db func" method in the TCL interface. (check-in: 0138652b user: drh tags: new-security-options) | |
| 15:43 | Fix the rot13.c extension to be deterministic. Add the noop.c extension. (check-in: a679122c user: drh tags: new-security-options) | |
| 14:39 | In the TreeView debugging output, show a "DDL" mark on SrcList and Expr nodes that derive from a non-TEMP schema. (check-in: fe7472fd user: drh tags: new-security-options) | |
| 13:08 | Merge recent changes from trunk. (check-in: 5962921f user: drh tags: new-security-options) | |
| 12:17 | When doing a text-to-double conversion on a BLOB with an odd number of bytes and assuming a UTF16 encoding, ignore the last byte. Ticket [9eda2697f5cc1aba]. (check-in: 1c76f1d8 user: drh tags: trunk) | |
|
2020-01-07
| ||
| 19:45 | Create the "trusted_schema" pragma. Add sqlite3_vtab_config() calls to set the risk rank for many virtual tables. (check-in: 4c21373c user: drh tags: new-security-options) | |
| 18:10 | Enforce SQLITE_VTABRISK restrictions. (check-in: 3d87ff31 user: drh tags: new-security-options) | |
| 16:09 | Invert the UNTRUSTED_SCHEMA setting to be TRUSTED_SCHEMA. (check-in: f5fcf1fb user: drh tags: new-security-options) | |
| 15:44 | Merge recent fixes from trunk. (check-in: 5dfa33a0 user: drh tags: new-security-options) | |
| 13:32 | Add an "|| CORRUPT_DB" term to an assert() statement inside of btree. (check-in: 03c1d75d user: drh tags: trunk) | |
|
2020-01-06
| ||
| 19:30 | Merge enhancements from trunk. (check-in: 9c50f6c2 user: drh tags: new-security-options) | |
| 19:23 | Rewrite the (debugging use only) sqlite3VdbeMemPrettyPrint() function to use the safer StrAccum interface rather than writing directly into a static string buffer. Perhaps this will address ticket [bbd55a97e66ff50d], which we are unable to reproduce. (check-in: 69f6a7e4 user: drh tags: trunk) | |
| 15:25 | Refactor names of flags for improved legibility. (check-in: 411e8ec2 user: drh tags: new-security-options) | |
|
2020-01-04
| ||
| 20:58 | Refactor the names of the new controls for restricting what actions the schema can take behind the application's back. (check-in: 65d7d39a user: drh tags: new-security-options) | |
| 19:58 | Enhance PRAGMA function_list to show internal functions if the direct use of internal functions is enabled via the SQLITE_TESTCTRL_INTERNAL_FUNCTIONS test control. (check-in: 7a8d7ca7 user: drh tags: new-security-options) | |
| 19:19 | Merge all fixes and enhancements from trunk. (check-in: b878c30f user: drh tags: new-security-options) | |
| 19:14 | Fix DBSTAT so that it returns no rows, rather than an error when the WHERE clause is "schema=NULL". (check-in: 5b246b47 user: drh tags: trunk) | |
| 15:37 | Merge the latest fixes from trunk. (check-in: 26ef709a user: drh tags: new-security-options) | |
| 15:21 | Fix a false-positive in the register validity tracking logic by moving the temporary register release call before the jump that uses that temporary register. (check-in: 9da48a5c user: drh tags: trunk) | |
| 01:43 | Enhance PRAGMA function_list so that it shows all instances of each FuncDef, the number of arguments, the encoding, the type, and the flags. Use this capability to locate and fix incorrect function flags in the standard build. (check-in: 9ca906d2 user: drh tags: new-security-options) | |
|
2020-01-03
| ||
| 21:57 | Invert the SQLITE_FUNC_SAFE bit to be SQLITE_FUNC_UNSAFE. The external bit is still SQLITE_INNOCUOUS. It gets inverted as the appdef function is registered. (check-in: 1c266cb3 user: drh tags: new-security-options) | |
| 20:57 | When UNSAFE_IN_VIEW is disabled, only allow functions in views that are tagged with SQLITE_INNOCUOUS. (check-in: 9ee79b25 user: drh tags: new-security-options) | |
| 15:22 | Merge fixes from trunk. (check-in: 002406df user: drh tags: new-security-options) | |
| 14:34 | Remove an over-zealous ALWAYS() macro and add a test case that shows that the conditional can sometimes be false. (check-in: 536e9a9d user: drh tags: trunk) | |
|
2020-01-02
| ||
| 23:50 | Merge enhancements from trunk. (check-in: 091403a6 user: drh tags: new-security-options) | |
| 22:28 | Add the two-size lookaside memory allocator. Also, reduce the per-entry size of the ExprList object. (check-in: 51665bf0 user: drh tags: trunk) | |
|
2019-12-31
| ||
| 22:52 | Experimental branch with new sqlite3_db_config() options that could possible enhance security for applications reading potentially compromised database files. (check-in: 96a2db26 user: drh tags: new-security-options) | |
| 18:39 | Also set the SQLITE_DIRECTONLY flag on the load_extension() function. (check-in: 3bd095a5 user: drh tags: trunk) | |