SQLite Forum

Possible vulnerabilities from December 2019
Thank you. In my friend's case, a user can provide an arbitrary database that the software will perform a known query on, because the software/Python script is open source.

Since neither of us is an expert in SQLite, we aren't sure how to disable things like SQLITE_DBCONFIG_ENABLE_VIEW/SQLITE_DBCONFIG_ENABLE_TRIGGER unless Python will allow you to do it at runtime, which it does not. I also asked one of the other guys if SQLite 3.32.1 disabled those by default, to which the answer also seems to be "no"; therefore the service he is providing will have to be terminated for now.

There are no custom functions; he's just running an open source Python script on arbitrary SQLite data provided by users, which runs, as mentioned, known SELECT statements, since it's open source. No SQL queries are provided by users, just arbitrary, potentially malicious databases.
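
One way to screen such a file from Python before the known SELECT statements run, as an added example that is not part of the original post: open it read-only, refuse it if its schema holds any view or trigger, then install an authorizer that denies anything reached through one. The names `open_untrusted`, `deny_indirect`, `UntrustedSchemaError`, `make_sample` and the `items` table are hypothetical, and the sample databases are constructed.

```python
import pathlib
import sqlite3

# The only authorizer actions a plain SELECT over ordinary tables needs.
ALLOWED_ACTIONS = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ, sqlite3.SQLITE_FUNCTION}

class UntrustedSchemaError(Exception):
    """Raised when a user-supplied database must not be queried."""

def deny_indirect(action, arg1, arg2, db_name, source):
    # source names the view or trigger causing the access; None for top-level SQL.
    if source is not None or action not in ALLOWED_ACTIONS:
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK

def open_untrusted(path):
    """Open a user-supplied file read-only; refuse it if it holds views or triggers."""
    uri = pathlib.Path(path).resolve().as_uri() + "?mode=ro"
    conn = sqlite3.connect(uri, uri=True)
    try:
        # Silently ignored by SQLite older than 3.31, which lacks this pragma.
        conn.execute("PRAGMA trusted_schema = OFF")
        found = conn.execute(
            "SELECT type, name FROM sqlite_master WHERE type IN ('view', 'trigger')"
        ).fetchall()
    except sqlite3.DatabaseError as exc:  # not a database, or malformed schema
        conn.close()
        raise UntrustedSchemaError(f"unreadable database: {exc}") from exc
    if found:
        conn.close()
        raise UntrustedSchemaError(f"views/triggers present: {found}")
    # Second layer: applies to every statement prepared after this point.
    conn.set_authorizer(deny_indirect)
    return conn

def make_sample(path, with_view):
    """Build a constructed sample database for the demonstration."""
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE items(name TEXT)")
    conn.execute("INSERT INTO items VALUES ('a'), ('b')")
    if with_view:
        conn.execute("CREATE VIEW report AS SELECT name FROM items")
    conn.commit()
    conn.close()
```

This covers schema-level tricks only; a file crafted to hit a parsing bug in the SQLite library itself is outside what these checks can catch.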