www-client/seamonkey[system-sqlite] forces enabling secure-delete flag on sqlite. Setting this flag is a bad idea since it means performance penalty and increased disk wear for all application using SQLite. Unfortunately, system-sqlite is the default on Seamonkey, effectively meaning that:
1) seamonkey is not cleanly installable by default,
2) users installing it are recommended to enable harmful flags on sqlite.
Therefore, I believe that the system-sqlite flag should be disabled by default.
Alternatively, could mozilla@ investigate fixing the use of secure-delete so it’s not required system-wide? (This is why Firefox dropped it AFAIK)
(In reply to Michał Górny from comment #0)
> Setting this flag is a bad idea since it means performance penalty
> and increased disk wear for all application using SQLite.
Is there any real live data on this, that backs this claim that it is a real issue that people care about? Do people (gentoo seamonkey users?) use SQLite for large scale databases that do a lot of delete/update actions?
(In reply to Sam James from comment #1)
> Alternatively, could mozilla@ investigate fixing the use of secure-delete so
> it’s not required system-wide? (This is why Firefox dropped it AFAIK)
Using the schema.secure_delete pragma would be an option for this. This would require patching the seamonkey source code, that this pragma is set to "on" (alternatively "FAST"), where needed.
As a reference, here is the Firefox/Mozilla bug report that led to the removal of the system sqlite support:
I think that with the next release, dropping the enabled default for system-sqlite is nothing more than fair (if you want to keep using it, you'll have to enable it by yourself), optional with a warning for people that enable it. For the long term, I think there should be further discussion if we want to keep it, as the current patch that is applied still requires that the system sqlite version needs at least to be at the same version that seamonkey ships. With this I mean that the patch has room for improvement, which should be taken if we want to keep system-sqlte available as an option.