E
E
Evgeny Ivanov2018-11-23 08:43:44
SQLite
Evgeny Ivanov, 2018-11-23 08:43:44

How to ensure security when running sqlite (as a web database)?

Usually, on the web, they use mysql (or other similar databases). But, for the sake of experiment, I decided to try to create a site using sqlite (sqlite 3).
As I understand it, having worked a little with this database, this database is a file. And this file can be created/modified by the same Navicat, for example.
In total, the hosting will contain php files (other css files, etc.) and a database file (sqlite 3).
Is it enough to correctly set the rights to this database file, for example chmod 700, to ensure that no one can read/copy/download/change it from outside?
And only scripts will be able to work with it. Options for downloading scripts by an attacker, we do not consider vulnerabilities in scripts.
How to ensure security when running sqlite (as a web database)?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
R
Roman Mirilaczvili, 2018-11-23
@2ord

If you want to add security, you will have to pay a price for it.
To be safe, you need to work with SQLITE under a different user. And this means that all requests must be output through a separate (HTTP) API or other application service.
Although this is relative. If there is full access to such a layer, then to the data itself as well. There will simply be no direct access to the SQLITE file.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question