From: Andy Moreton
Newsgroups: gmane.emacs.devel
Subject: Re: master 3d38d1d: Add sqlite3 support to Emacs
Date: Tue, 14 Dec 2021 23:41:14 +0000
Message-ID: <868rwmrbz9.fsf@gmail.com>
To: emacs-devel@gnu.org

On Tue 14 Dec 2021, Eli Zaretskii wrote:

>> From: Lars Ingebrigtsen
>> Cc: luangruo@yahoo.com, stefankangas@gmail.com, rms@gnu.org,
>> emacs-devel@gnu.org
>> Date: Tue, 14 Dec 2021 14:15:46 +0100
>>
>> Eli Zaretskii writes:
>>
>> > What about Andy Moreton's suggestion to disable loading the extensions
>> > via sqlite3_db_config? It sounds like a good idea, even if it's
>> > orthogonal to the reason for having a whitelist.
>>
>> Do you mean the SQL command for loading extensions? From my reading of
>> the documentation, it's not enabled by default -- you have to call a C
>> level function to enable it, and we don't.
>
> Then maybe I misunderstood what Andy was saying, or the documentation
> he pointed to (or both). I'll let Andy respond.

I'm not at all expert on SQL matters - I read the sqlite documentation
which points out that there are two ways to allow loading of sqlite
extensions from C:

a) sqlite3_db_config(db,SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION,..)
   - enables sqlite3_load_extension()
   - does not enable SQL function "load_extension"

b) sqlite3_enable_load_extension()
   - enables sqlite3_load_extension()
   - ALSO enables SQL function "load_extension"

So if sqlite extensions are to be allowed in emacs, option (a) should be
preferred. This is explicitly called out as a security issue in the docs.

Loading sqlite extensions should be disabled by default, and only be
enabled by explicit user configuration.

    AndyM
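
The difference between options (a) and (b) above can be checked from a script; the following is an added example, not code from this message or from Emacs. It uses Python's sqlite3 module as a thin wrapper over the same C library and reports whether SQL text can reach load_extension() under each setting. Assumptions: Connection.enable_load_extension() calls sqlite3_enable_load_extension() (option b), Connection.setconfig() exists only on Python 3.12 and later (option a), and the probed library name is constructed and does not exist.

```python
import sqlite3

# Constructed name: no such library exists, so nothing is ever loaded.
PROBE = "SELECT load_extension('constructed-no-such-extension')"

def sql_load_extension_status(conn):
    """Classify whether SQL text run on conn can reach load_extension()."""
    try:
        conn.execute(PROBE)
    except sqlite3.Error as exc:
        msg = str(exc)
        if "not authorized" in msg:
            return "blocked"    # function exists, SQL-level loading is off
        if "no such function" in msg:
            return "omitted"    # library built without extension loading
        return "reachable"      # SQLite tried to open the file and failed
    return "reachable"

def survey():
    """Return the SQL-level status for the default, option (a) and option (b)."""
    results = {}

    conn = sqlite3.connect(":memory:")
    results["default"] = sql_load_extension_status(conn)
    conn.close()

    # Option (a): sqlite3_db_config(SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION).
    conn = sqlite3.connect(":memory:")
    if hasattr(conn, "setconfig") and hasattr(
            sqlite3, "SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION"):
        conn.setconfig(sqlite3.SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION, True)
        results["option_a"] = sql_load_extension_status(conn)
    conn.close()

    # Option (b): sqlite3_enable_load_extension(); absent in some builds.
    conn = sqlite3.connect(":memory:")
    if hasattr(conn, "enable_load_extension"):
        conn.enable_load_extension(True)
        results["option_b"] = sql_load_extension_status(conn)
        conn.enable_load_extension(False)
        results["option_b_off"] = sql_load_extension_status(conn)
    conn.close()
    return results

if __name__ == "__main__":
    for setting, status in survey().items():
        print(f"{setting:13} {status}")
```

A status of "reachable" means any SQL string executed on that connection can ask SQLite to load a shared library, which is the exposure option (a) avoids.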