Information from SQLite DB is provided to the user through a web server (displayed in an HTML browser). The database is loaded once for just a small application, independent of the web server. Database data cannot be changed from the user's browser (this is a read-only service).
Since the web server has its own user ID, it accesses the SQLite DB file with "other" permissions. For security reasons, I would like to set DB file permissions as rw-rw-r-- .
Unfortunately, with this permission set, I get an attempt to write a readonly database at line xxx warning message that points to a line about a SELECT transaction (which is basically read-only). Of course, I get no result.
If permissions are changed to rw-rw-rw , everything works fine, but that means everyone can interfere with the database.
Is there a reason SQLite DB might not be read-only?
Are there behind-the-scenes processes that need to be written, even for SELECT transactions?
A search in StackOverflow shows that people usually complain about the opposite situation: they encounter read-only access rights, which prevents writing to the database. My goal is to protect my database from ANY attempt to change.
For the whole story, my web application is written in Perl and uses DBD::SQLite
source share