| ▲ | oulipo2 3 days ago | |
So a kind of "mini-Firebase" ? and then you have security through row-based security? But this also means your users can generate their own queries, possibly doing some weird stuff taking down the db, so I assume it's more for "internal tools"? | ||
| ▲ | charrondev 3 days ago | parent [-] | |
Yeah definitely not for public facing things of any capacity. No matter your size unless you have a trivial amount of data, if you expose a full SQL query language you can be hit be a DOS attack pretty trivially. This ignores that row level security is also not enough on its own to implement an even moderately capable level of access controls. | ||