Exactly. It reminds me of that PostgreSQL CVE issue recently discussed, where the security breach was that someone with admin privileges on a PostgreSQL instance could execute code as the postgres user.
People fail to consider the threat model in some of these cases.
People fail to consider the threat model in some of these cases.
https://news.ycombinator.com/item?id=19659684