Hi, I am a beginner for Rails. I just studied the GUIDE and did some exercises ( https://www.railstutorial.org/book). However I have one concern. Rails uses ONE ID (usually is ROOT) to do everything on database, such as DB migration, application accesses database, etc. This architecture raises a security concern, especially the cyber attack is happening so often nowadays. Although RAILS has strong parameters feature but once a hacker is hacking into database, hacker has total control on the database. Is a way to use one ID for database migration (i.e. database schema owner) and another ID for application access (to database)? The ID for application to access database should have limited privileges.
Does anyone know a way to implement one ID to do the database migration and another ID to access database? Share your solution will be appreciated. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/b0800c1a-6052-40dc-8a42-16ded0c4de06%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
