I have a sqlite3 db which i insert/select from in python. The app works great but i want to tweak it so no one can read from the DB without a password. How can i do this in python? note i have no idea where to start.
That's using a special library
Xster
2010-03-31 22:28:20
+1
A:
SQLite databases are pretty human-readable, and there isn't any built-in encryption.
Are you concerned about someone accessing and reading the database files directly, or accessing them through your program?
I'm assuming the former, because the latter isn't really database related--it's your application's security you're asking about.
A few options come to mind:
- Protect the db with filesystem permissions rather than encryption. You haven't mentioned what your environment is, so I can't say if this is workable for you or not, but it's probably the simplest and most reliable way, as you can't attempt to decrypt what you can't read.
- Encrypt in Python before writing, and decrypt in Python after reading. Fairly simple, but you lose most of the power of SQL's set-based matching operations.
- Switch to another database; user authentication and permissions are standard features of most multi-user databases. When you find yourself up against the limitations of a tool, it may be easier to look around at other tools rather than hacking new features into the current tool.
Tim Lesher
2009-06-12 17:27:54
I have the same question, except I can't use other databases because sqlite is lightweight for a desktop app I am aiming to write (a private journal software)
Sridhar Ratnakumar
2010-02-08 16:01:03