I am a beginner for Rails. I just studied the GUIDE and did some
https://www.railstutorial.org/book). However I have one concern. Rails
ONE ID (usually is ROOT) to do everything on database, such as DB
migration, application accesses database, etc. This architecture raises
security concern, especially the cyber attack is happening so often
nowadays. Although RAILS has strong parameters feature but once a hacker
hacking into database, hacker has total control on the database. Is a
to use one ID for database migration (i.e. database schema owner) and
another ID for application access (to database)? The ID for application
access database should have limited privileges.
Does anyone know a way to implement one ID to do the database migration
another ID to access database? Share your solution will be appreciated.