This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author erlendaasland
Recipients berker.peksag, christian.heimes, erlendaasland
Date 2021-04-07.10:51:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1617792679.62.0.407303342016.issue43762@roundup.psfhosted.org>
In-reply-to
Content 
If Python is configured with --enable-loadable-sqlite-extensions, it is possible to load third party SQLite extensions (shared libraries/DLL’s) via the sqlite3 extension module. When enabled, the sqlite3.Connection.enable_load_extension() class method will enable the loading of third party extensions via SQL queries, using the SQL function load_extension(). It also enables loading extension via C, using the sqlite3.Connection.load_extension() class method.

Suggesting to add the following audit event names to respectively the sqlite3.Connection.enable_load_extension() and sqlite3.Connection.load_extension() methods:
- sqlite3.enable_load_extension
- sqlite3.load_extension

Ref.
- https://discuss.python.org/t/should-we-audit-enabling-loading-of-sqlite3-extensions-shared-libraries/8124
- https://www.sqlite.org/loadext.html
- https://docs.python.org/3/library/sqlite3.html#sqlite3.Connection.enable_load_extension
History
Date User Action Args
2021-04-07 10:51:19erlendaaslandsetrecipients: + erlendaasland, christian.heimes, berker.peksag
2021-04-07 10:51:19erlendaaslandsetmessageid: <1617792679.62.0.407303342016.issue43762@roundup.psfhosted.org>
2021-04-07 10:51:19erlendaaslandlinkissue43762 messages
2021-04-07 10:51:19erlendaaslandcreate