Hacker News

The better way is for nobody to have direct write access to the database, but instead for automated tools to do things like that, using reviewed code and config and writing an audit log of actions taken. The trust thing is part of the reason this is a good idea, but it's mostly a good idea to avoid good-faith accidents. I think it is common for companies that haven't yet had time to build those automated tools to delegate their work to senior, very trusted engineers. But that's not a good solution; it's just more expedient, and a bit better than the database being world-writable, which is a bad solution.



I'm in a small company in that position; what's also helped is wrapping UPDATE statements in a transaction with a verification SELECT statement to make sure everything worked OK, then committing the transaction.

Saved my bacon more than once!
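A sketch of the two practices described in the comments above (an UPDATE wrapped in a transaction with a verification SELECT, plus an audit log of actions taken), added here as an example and not code from either commenter. It assumes an in-memory SQLite database standing in for the production one; the `accounts` and `audit_log` tables, the `guarded_update` helper and the sample rows are hypothetical.

```python
import sqlite3

def guarded_update(conn, actor, update_sql, params, verify_sql, expected_rows):
    """UPDATE, then a verification SELECT, in one transaction; commit only if both match."""
    cur = conn.cursor()
    cur.execute("BEGIN IMMEDIATE")
    try:
        cur.execute(update_sql, params)
        touched = cur.rowcount                            # rows the UPDATE changed
        verified = cur.execute(verify_sql).fetchone()[0]  # rows now in the intended state
        ok = touched == expected_rows == verified
        cur.execute("COMMIT" if ok else "ROLLBACK")
    except Exception:
        if conn.in_transaction:
            cur.execute("ROLLBACK")
        raise
    # The audit row is written after the data transaction ends, so rollbacks are recorded too.
    cur.execute("INSERT INTO audit_log VALUES (?, ?, ?, ?, ?)",
                (actor, update_sql, touched, verified,
                 "committed" if ok else "rolled_back"))
    return ok

def demo():
    # isolation_level=None: autocommit mode, so BEGIN/COMMIT/ROLLBACK are issued explicitly.
    conn = sqlite3.connect(":memory:", isolation_level=None)
    conn.executescript("""
        CREATE TABLE accounts(id INTEGER PRIMARY KEY, email TEXT, plan TEXT);
        CREATE TABLE audit_log(actor TEXT, statement TEXT, touched INT,
                               verified INT, outcome TEXT);
        -- constructed sample rows
        INSERT INTO accounts VALUES (1, 'a@example.test', 'free'),
                                    (2, 'b@example.test', 'free'),
                                    (3, 'c@example.test', 'pro');
    """)
    verify = "SELECT COUNT(*) FROM accounts WHERE plan = 'trial'"
    # Good-faith accident: WHERE clause too broad, 2 rows touched when 1 was expected.
    bad = guarded_update(conn, "alice", "UPDATE accounts SET plan = 'trial' WHERE plan = ?",
                         ("free",), verify, expected_rows=1)
    # Intended change: exactly one row, confirmed by the verification SELECT.
    good = guarded_update(conn, "alice", "UPDATE accounts SET plan = 'trial' WHERE id = ?",
                          (1,), verify, expected_rows=1)
    plans = [r[0] for r in conn.execute("SELECT plan FROM accounts ORDER BY id")]
    outcomes = [r[0] for r in conn.execute("SELECT outcome FROM audit_log ORDER BY rowid")]
    return bad, good, plans, outcomes

if __name__ == "__main__":
    print(demo())
```
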



