This repository has been archived by the owner on Feb 8, 2018. It is now read-only.

configure read-only role for db #1996

Closed

chadwhitacre opened this issue Feb 7, 2014 · 1 comment

Labels

TeamX

Contributor

chadwhitacre commented Feb 7, 2014

In response to today's security leak (gratipay/security-00000#1), @jacobian suggests on Twitter (one, two):

A good pattern to follow with DBs that have sensitive info is to have a separate reader role w/o access to sensitive columns/tables; always use that role for stats/reporting/sharing etc.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

Contributor Author

chadwhitacre commented Nov 2, 2017

Closing in light of our decision to shut down Gratipay.

Thank you all for a great run, and I'm sorry it didn't work out! 😞 💃

chadwhitacre closed this as completed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.