by isbvhodnvemrwvn 2039 days ago
This assumes you only deal with non-sensitive data (e.g. user profiles).

Never mind that, how do you prevent denial of service attacks? I can run any allowed query on that database. Including 50 times cross join of the table I can read, sorted by random.

1 comments

> This assumes you only deal with non-sensitive data (e.g. user profiles).

Not really. You can do row or column level permissions. Details very much depend on your DBMS.

> Never mind that, how do you prevent denial of service attacks?

I have no real answer, and I never suggested that I would. Denial of service attacks (deliberate or accidental) are one piece of the "broader concerns" that I very much share.

In theory, a sufficiently advanced DBMS might be able to assign users quotas, and if your users are stable that may be sufficient for some use cases, but I am skeptical.
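
An added illustration of the points in this exchange, not written by either commenter: column-level and row-level permissions plus per-role resource limits, assuming PostgreSQL as the DBMS. The `profiles` table and `api_reader` role are hypothetical names.

```sql
-- Added example. Assumes PostgreSQL; table and role names are hypothetical.
CREATE TABLE profiles (
    id           bigint  PRIMARY KEY,
    display_name text    NOT NULL,
    email        text    NOT NULL,          -- sensitive column
    is_public    boolean NOT NULL DEFAULT false
);

-- The role that untrusted clients connect as. The connection cap bounds
-- how many queries this role can have in flight at once.
CREATE ROLE api_reader LOGIN CONNECTION LIMIT 5;

-- Column-level permission: email is never granted, so selecting it
-- (or SELECT *) fails with "permission denied".
GRANT SELECT (id, display_name, is_public) ON profiles TO api_reader;

-- Row-level permission: api_reader only ever sees rows flagged public.
-- The table owner and superusers bypass the policy unless FORCE is used.
ALTER TABLE profiles ENABLE ROW LEVEL SECURITY;
CREATE POLICY public_rows ON profiles
    FOR SELECT TO api_reader
    USING (is_public);

-- Coarse stand-ins for a "quota", applied when api_reader logs in.
-- temp_file_limit can only be changed by a superuser, so the client
-- cannot raise it; a large sort that spills to disk is cancelled.
ALTER ROLE api_reader SET temp_file_limit = '256MB';

-- statement_timeout is an ordinary user-settable parameter: a client
-- that can send arbitrary SQL can run SET statement_timeout = 0.
-- It limits accidental runaway queries, not deliberate ones, unless
-- something in front of the database rejects SET statements.
ALTER ROLE api_reader SET statement_timeout = '2s';
```

None of these settings caps CPU time or memory per role, so they narrow the denial-of-service concern raised above rather than resolve it.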