Hello, SQLite version is 3.27. The journal_mode we set is truncate, but I think this is per connection. If someone connects to the same database by sqlite3.exe for example, the default connection is "delete". So here is the case, if someone drops a malicious -wal file and connect to the same sqlite db we use by setting jounal_mode=wal, which will make that wal file take effect and risk all the data in the db. There are several things that I think could mitigate this issue, but it doesn't seem to be feasible after reading the documents. But I may miss something. - set the journal_mode at the db level and it cannot be modified - config the database to block specific PRAGMA statement such as PRAGMA journal_mode=wal; - have some mechanics to check whether the wal is valid/legitimate (e.g. created from the original database) Would you recommend any best practices around it? So that no malicious wal file is executed. I use C# to create/connect the sqlite db. Thanks.