|
|
|
|
|
|
by p1necone
342 days ago
|
|
|
From the article: "The cursor assistant operates the Supabase database with elevated access via the service_role, which bypasses all row-level security (RLS) protections." This is the problem. The "mitigations" you're talking about are nonsense. If you give people access to the database... they have access to the database. Slapping a black box AI tool between the user and the database doesn't change anything security wise. |
|
|