Question

I'm using SQLCipher with content providers. Right now, when I want to lock the app I just clear out the cached password. However, the app can continue to work with any open cursors. This means that re-opening the app grants access to the sensitive data. I fix this issue on the surface by redirecting to a login screen if the app doesn't have passwords.

However, I'm concerned about whether there are any security issues with these open cursors, or should I just continue to block UI access and not worry? SQLCipher's docs say that it reads/writes encrypted pages on the fly, as opposed to decrypting the entire DB; this makes me think that open cursors are still secure.

The main concern here is that someone loses their phone and then a knowledgeable individual can use these open cursors to extract sensitive data.


Solution

I have not looked at the details of the SQLCipher for Android implementation of cursors, but usually in Android cursors hold the whole result set in heap space, and in the case of SQLCipher, those would be decrypted by that point.

However, since those cursors are private to your process, there's no good way for anyone to get at them, courtesy of Linux/Android process isolation, except via your UI. If your UI does not allow anyone to get anywhere except via logging in again, you are fairly well protected. The catch is whether you are certain your UI does not have any unintentional code paths that would bypass the login (e.g., recent tasks list) and allow access to the data.
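One way to avoid relying on the UI gate alone is to close every outstanding cursor and the database when the app locks. The sketch below is an added example, not code from the question or the answer; `VaultSession` and its methods are hypothetical names, and it assumes the provider uses the `net.sqlcipher.database` helper class and routes every cursor it returns through `track()`.

```java
import android.database.Cursor;
import java.lang.ref.WeakReference;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import net.sqlcipher.database.SQLiteOpenHelper;

/** Hypothetical helper: tracks cursors the provider hands out and tears them down on lock. */
public final class VaultSession {
    private final List<WeakReference<Cursor>> open = new ArrayList<>();
    private final SQLiteOpenHelper helper; // SQLCipher helper owned by the provider (assumed)
    private char[] password;               // cached passphrase; null while locked

    public VaultSession(SQLiteOpenHelper helper) { this.helper = helper; }

    public synchronized void unlock(char[] pw) { password = pw.clone(); }

    public synchronized boolean isLocked() { return password == null; }

    /** Call from ContentProvider.query() just before returning the cursor. */
    public synchronized Cursor track(Cursor c) {
        if (password == null) {          // lock raced with the query: do not hand out the result
            if (c != null) c.close();
            throw new SecurityException("vault is locked");
        }
        // Drop references to cursors that were already closed or garbage collected.
        for (Iterator<WeakReference<Cursor>> it = open.iterator(); it.hasNext();) {
            Cursor old = it.next().get();
            if (old == null || old.isClosed()) it.remove();
        }
        if (c != null) open.add(new WeakReference<>(c));
        return c;
    }

    /** Lock: wipe the passphrase, close every live cursor, then close the database. */
    public synchronized void lock() {
        if (password != null) { Arrays.fill(password, '\0'); password = null; }
        for (WeakReference<Cursor> ref : open) {
            Cursor c = ref.get();
            if (c != null && !c.isClosed()) c.close(); // frees the rows buffered by the cursor
        }
        open.clear();
        helper.close(); // reopening the database requires the passphrase again
    }
}
```

Any adapter or view still bound to a tracked cursor will fail on its next access once `lock()` has run, so detach cursors from the UI as part of the same lock path. Closing a cursor frees its buffer but does not by itself guarantee that the freed memory is overwritten.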

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow