I’m not sure if this has been discussed before, but are there significant challenges to having one database user to run migrations (ability to CREATE and/or EDIT schema) and another user to do CRUD actions on the data itself?

I understand Rails takes care of a lot of SQL injection attacks for us, but if the database user that Rails used lacked schema EDIT capability, it would be impossible for a malicious user to DROP or ADD tables. Sure, there is still a lot of danger posed by a malicious data user (DELETE FROM table), but couldn’t we limit the attack area on the database with a more powerful “migration only” user?
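One way to set up the two-user split the post describes, shown here as an added PostgreSQL example rather than anything from the original thread. The role names (`app_migrator`, `app_runtime`), the database name `myapp_production`, and the `public` schema are assumptions; the `ALTER DEFAULT PRIVILEGES` statements are what keep the runtime role working after future migrations add tables, since grants on "ALL TABLES" only cover tables that exist at grant time.

```sql
-- Two roles: one owns and changes the schema, one only reads and writes rows.
-- Passwords are placeholders; inject real ones from your secrets store.
CREATE ROLE app_migrator LOGIN PASSWORD 'migrator-placeholder';
CREATE ROLE app_runtime  LOGIN PASSWORD 'runtime-placeholder';

GRANT CONNECT ON DATABASE myapp_production TO app_migrator, app_runtime;

-- The migrator owns the schema so `rails db:migrate` can CREATE/ALTER/DROP.
ALTER SCHEMA public OWNER TO app_migrator;

-- The runtime role gets row-level CRUD only: no CREATE, no ALTER, no DROP.
GRANT USAGE ON SCHEMA public TO app_runtime;
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO app_runtime;
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO app_runtime;  -- needed for id columns

-- Tables the migrator creates later inherit the same CRUD-only grants,
-- so each new migration does not need a manual GRANT afterwards.
ALTER DEFAULT PRIVILEGES FOR ROLE app_migrator IN SCHEMA public
  GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_runtime;
ALTER DEFAULT PRIVILEGES FOR ROLE app_migrator IN SCHEMA public
  GRANT USAGE, SELECT ON SEQUENCES TO app_runtime;

-- Verification, run as a superuser: impersonate the runtime role and try DDL.
-- Both statements must be rejected if the grants above are correct;
-- the final SELECT must succeed.
SET ROLE app_runtime;
DROP TABLE IF EXISTS users;          -- rejected: app_runtime does not own the table
CREATE TABLE pwned (id integer);     -- rejected: no CREATE on schema public
SELECT count(*) FROM schema_migrations;  -- allowed: read access only
RESET ROLE;
```

Two practical notes for the Rails side. First, every table must be created by (and therefore owned by) `app_migrator`; in PostgreSQL the owner of a table can always alter or drop it, so if the runtime role ever runs a migration it silently regains DDL rights on whatever it created. Second, Rails reads a single set of credentials from `config/database.yml`, so the usual approach is to point the app at `app_runtime` and run `rails db:migrate` with the migrator credentials supplied through `DATABASE_URL` (or a separate environment block) in the deploy step only.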