Page 1 of 1

SQLite security

Posted: Thu Jan 22, 2009 1:54 pm
by greyhoundcode
If I am compelled to use SQLite3 rather than MySQL, what can I do to secure the database file's contents?

And, from a performance perspective, would it be better to encrypt the whole file (assuming that's a possibility) then decrypt each time I want to read the contents, or would it be better to encrypt/decrypt on a field by field basis?

Thanks for any help, or for pointers to external references.

Re: SQLite security

Posted: Thu Jan 22, 2009 2:18 pm
by kaisellgren
greyhoundcode wrote:If I am compelled to use SQLite3 rather than MySQL, what can I do to secure the database file's contents?

And, from a performance perspective, would it be better to encrypt the whole file (assuming that's a possibility) then decrypt each time I want to read the contents, or would it be better to encrypt/decrypt on a field by field basis?

Thanks for any help, or for pointers to external references.
Store the file outside the public folder. If someone can access it, he would have a complete filesystem access in which case it does not matter if he can read your database.

Re: SQLite security

Posted: Thu Jan 22, 2009 2:59 pm
by Christopher
As kaisellgren says, you should protest the file like you would protect any file on your server. If you cannot secure the filesystem then encrypting/decrypting will not be much use -- because if they can read the file, they can read your code.