Name
secure_delete — Overwrite deleted content with zeros
Common Usage
PRAGMA secure_delete; PRAGMA secure_delete =switch; PRAGMAdatabase.secure_delete; PRAGMAdatabase.secure_delete =switch;
Description
The secure_delete pragma is
used to control how content is deleted from the database.
Normally, deleted content is simply marked as unused. If the
secure_delete flag is
on, deleted content is first overwritten with a series of 0 byte
values, removing the deleted values from the database file. The
default value for the secure delete flag is normally off, but
this can be changed with the SQLITE_SECURE_DELETE build option.
If a database name is given, the flag will be get or set for
just that database. If no database name is given, setting the
value will set it for all attached databases, while getting the
value will return the current value for the main database. Newly attached
databases will take on the same value as the main database.
Be aware that SQLite cannot securely delete information from the underlying storage device. If the write operation causes the filesystem to allocate a new device-level block, the old data may still exist on the raw device. There is also a slight performance penalty associated with this directive.
The secure_delete flag is
stored in the page cache. If shared cache mode is enabled,
changing this flag on one database connection will cause the
flag to be changed for all database connections sharing that
cache instance.
See Also
Get Using SQLite now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
