Yes, but the processes still need to share a memory namespace. In WAL mode, SQLi... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kuschku on Sept 15, 2022 \| parent \| context \| favorite \| on: TIL–Python has a built-in persistent key-value sto... Yes, but the processes still need to share a memory namespace. In WAL mode, SQLite creates a shared memory file which gets mapped into any process trying to access it (that’s why WAL mode creates additional .shm files). But that only works if all given processes run on the same physical machine, and not in containers/jails/VM.

formerly_proven on Sept 15, 2022 [–]

I dunno what SQLite is doing specifically but you can certainly mmap a file across containers and it behaves like you’d think. SELinux and other hardening options might interfere though, because shared mmaps should imho be viewed as a very likely vector for cross-process exploitation.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact