← 返回首页
Expose `sqlite3_db_config` and verbs (or equivalent) · Issue #103489 · python/cpython · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
Resetting focus

Expose sqlite3_db_config and verbs (or equivalent) #103489

New issue
New issue

Description

Feature or enhancement

Python's SQLite bindings should expose sqlite3_db_config and at least SQLITE_DBCONFIG_DEFENSIVE (or an idiomatic version of the same)

Pitch

The libsqlite3.dylib built into Darwin enables defensive mode by default for all connections in processes linked on or after macOS 11 Big Sur as a mitigation layer against the general class of security vulnerabilities that can be exploited with pure SQL, but it's still useful to be able to disable it when using certain tools (like sqlite-utils). Conversely, developers may find it useful to be able to enable defensive mode on other platforms when opening a database with an untrusted schema, or executing untrusted SQL statements from remote sources.

Previous discussion

This was prompted by a brief discussion on Mastodon with @erlend-aasland

Linked PRs

Metadata

Metadata

Labels

Fields

No fields configured for issues without a type.

Projects

Status
Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

  • Open in GitHub Copilot app

Footer

© 2026 GitHub, Inc.