by sendob
4536 days ago
+1 to read only. Fortunately, databases are very good at enforcing this thing; unfortunately, the users of databases are generally less so. RE: circumventing the blacklist, I think immediately of accessing a function with PostgreSQL, aka select my_destructive_function();

The blacklist has no chance of defending against malicious users. Luckily (at the moment) we are using this purely internally and the blacklist is really just preventing people from shooting themselves in the foot. We're moving to a read-only user role shortly, and the suggestion to go with a read-only db is a great one.
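
A sketch of the read-only role discussed in this thread, for PostgreSQL, showing why `select my_destructive_function();` needs its own control. This is an added example, not code from either commenter; the role name `report_ro` and the use of the `public` schema are assumptions.

```sql
-- Assumptions (not from the thread): schema "public", role name report_ro,
-- run by the role that owns the application's tables and functions.
-- Authentication for the new role (password, pg_hba.conf) is set up separately.
CREATE ROLE report_ro LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;

-- Functions are executable by PUBLIC by default, which is why a statement that
-- is syntactically a SELECT can still call my_destructive_function().
-- Other roles that need these functions then need an explicit GRANT EXECUTE.
REVOKE EXECUTE ON ALL FUNCTIONS IN SCHEMA public FROM PUBLIC;
-- Same for functions the current role creates later. This has to be the global
-- form: a per-schema default cannot revoke a privilege that is granted globally.
ALTER DEFAULT PRIVILEGES REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Grant only what reading needs.
GRANT USAGE ON SCHEMA public TO report_ro;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO report_ro;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO report_ro;

-- Guard rail, not a boundary: the session can switch this off again with SET,
-- so the privileges above remain the actual control.
ALTER ROLE report_ro SET default_transaction_read_only = on;

-- Audit: every user-defined function report_ro can still execute.
-- Rows with security_definer = true run with the function owner's rights,
-- so they can write even though report_ro itself holds only SELECT.
SELECT p.oid::regprocedure AS callable_function,
       p.prosecdef         AS security_definer
FROM pg_proc p
JOIN pg_namespace n ON n.oid = p.pronamespace
WHERE n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND has_function_privilege('report_ro', p.oid, 'EXECUTE')
ORDER BY p.prosecdef DESC, p.proname;
```

Re-run the audit query after each schema migration, since functions created by a different owner are not covered by the default-privilege change above.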