Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can SQLite DB files be made read-only?

Information from an SQLite DB is presented to user through a web server (displayed in an HTML browser). The DB is loaded once for all by a small application independent from the web server. DB data cannot be changed from user browser (this is a read-only service).

As the web-server has its own user-id, it accesses the SQLite DB file with "other" permissions. For security reason, I would like to set the DB file permissions as rw-rw-r--.

Unfortunately, with this permission set, I get a warning attempt to write a readonly database at line xxx which points to a line about a SELECT transaction (which in principle is read-only). Of course, I get no result.

If permissions are changed to rw-rw-rw, everything works fine, but that means everybody can tamper with the DB.

Is there any reason why SQLite DB cannot be accessed read-only?

Are there "behind-the-scene" processings which need write access, even for SELECT transactions?

Look-up on StackOverflow shows that people usually complain for the opposite situation: encountering a read-only access permission preventing writing to the DB. My goal is to protect my DB against ANY change attempt.

For the complete story, my web app is written in Perl and uses DBD::SQLite

like image 998
ajlittoz Avatar asked Feb 04 '16 18:02

ajlittoz


People also ask

What are the limitations of SQLite?

An SQLite database is limited in size to 281 terabytes (248 bytes, 256 tibibytes). And even if it could handle larger databases, SQLite stores the entire database in a single disk file and many filesystems limit the maximum size of files to something less than this.

Can SQLite open .DB files?

SQLite will check the file name “SchoolDB. db” whether it is found in the same location or not. If the file exists, it will open it.

Is SQLite human readable?

You can't. SQLite database files are binary files, not text files. Opening them in a text editor will only produce semi-readable results because not all bytes (or sequences of bytes) represent valid characters regardless of the character encoding.

What is the file format of SQLite database?

What is a SQLite File? A file with . sqlite extension is a lightweight SQL database file created with the SQLite software. It is a database in a file itself and implements a self-contained, full-featured, highly-reliable SQL database engine.


2 Answers

You must connect to your SQLite db in readonly mode.

From the docs:

You can also set sqlite_open_flags (only) when you connect to a database:

use DBD::SQLite;
my $dbh = DBI->connect("dbi:SQLite:$dbfile", undef, undef, {
  sqlite_open_flags => DBD::SQLite::OPEN_READONLY,
});

-- https://metacpan.org/pod/DBD::SQLite#Database-Name-Is-A-File-Name

like image 76
Asaph Avatar answered Oct 16 '22 07:10

Asaph


The solution is given in the answer to this question Perl DBI treats setting SQLite DB cache_size as a write operation when subclassing DBI.

It turns out that AutoCommit cannot be set to 0 with read-only SQLite DB. Explicitly forcing it to 1 in the read-only DB case solved the problem.

Thanks to all who gave clues and leads.

like image 43
ajlittoz Avatar answered Oct 16 '22 07:10

ajlittoz