[0x0]

Actually I think that warning comes from data stored in the xattr com.apple.metadata:kMDItemWhereFroms on the file itself. So this sqlite database must be for something else.

[ehamberg]

Hmm, it seems that the URL is taken from the database. If I delete the relevant row, the URL is no longer shown:

http://i.imgur.com/Ks03r.png

[TheCapn]

I'm not a Mac user but wouldn't the test therefore be to clear the DB entries and re-open the file. No prompt implies the link to the sqlite db and not the file attr.

[mitchty]

The dialog only shows up when that xattr is set, the sqlite db has nothing to do with this security prompt. In fact all the prompt does is unset the xattr if you deem it ok.

[mikec3k]

Correct. There's a quarantine attribute.

[mistercow]

The design decision of storing the application a file came from in file metadata, but the URL it came from in an sqlite database ... makes my head hurt.

[pretoriusB]

So, I assume you have considered all the aspects of the problem to come to that conclusion right?

Not merely pondered upon it for 2 minutes and decided that Apple programmers were idiots for doing so, right?