Typically the security conscious webdev still needs to define an API to their database. It’s bad practice to let users hit the DB directly.
Now, if you hack the API then sure you can start hacking the database, but first you have to hack the API to the database which raises the costs of cyberwar
Typically the security conscious webdev still needs to define an API to their database. It’s bad practice to let users hit the DB directly.
Now, if you hack the API then sure you can start hacking the database, but first you have to hack the API to the database which raises the costs of cyberwar