1
 Follower
1
 Like

Restricting Developers from accessing tables of other applications

Lifetime
On our radar

It has been observed that developers can access the tables of other applications (where they do not have access) via writing sql statements in input parameters to advance query. This should have some sort of restriction to even view data. Issue stated here.

Created on 20 Sep 2017
Comments (2)

In the post you link to, it is clear that this is database access via SQL, and tricking the platform at that. I don't think that can be prevented at all, without changing the way the Platform works.

Sounds like the real problem is that you need to change your access so your untrusted developers cannot connect to environments that they should not have access to the data.


J.Ja

views
182
Followers
1