Re: master 3d38d1d: Add sqlite3 support to Emacs

[Andy Moreton]

On Tue 14 Dec 2021, Eli Zaretskii wrote:

>> From: Lars Ingebrigtsen <larsi@gnus.org>
>> Cc: luangruo@yahoo.com,  stefankangas@gmail.com,  rms@gnu.org,
>>   emacs-devel@gnu.org
>> Date: Tue, 14 Dec 2021 14:15:46 +0100
>> 
>> Eli Zaretskii <eliz@gnu.org> writes:
>> 
>> > What about Andy Moreton's suggestion to disable loading the extensions
>> > via sqlite3_db_config?  It sounds like a good idea, even if it's
>> > orthogonal to the reason for having a whitelist.
>> 
>> Do you mean the SQL command for loading extensions?  From my reading of
>> the documentation, it's not enabled by default -- you have to call a C
>> level function to enable it, and we don't.
>
> Then maybe I misunderstood what Andy was saying, or the documentation
> he pointed to (or both).  I'll let Andy respond.

I'm not at all expert on SQL matters - I read the sqlite documentation
which points out that there are two ways to allow loading of sqlite
extensions from C:

a) sqlite3_db_config(db,SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION,..)
   - enables sqlite3_load_extension()
   - does not enable SQL function "load_extension"

b) sqlite3_enable_load_extension()
   - enables sqlite3_load_extension()
   - ALSO enables SQL function "load_extension"

So if sqlite extensions are to be allowed in emacs, option (a) should be
preferred. This is explicitly called out as a security issue in the docs.

Loading sqlite extensions should be disabled by default, and only be
enabled by explicit user configuration.

    AndyM