Use schemas for security

You can improve your database security by using more than one schema or login account.

When you create a table or other database object, the owner has full rights on that object. The owner can create, read, update and delete data and can also change the definition of the object.

If your application logs into the database as a different user, then the owner of the objects can limit the actions that can be performed on the objects. The owner can grant privileges to other users for example: 

Grant select, insert, update(valid_to_date) on Items to WEB_USER;

This technique is very useful for limiting the damage from a successful SQL injection attack.
For example, if a hacker manages to inject some SQL to delete from the user account table, but your web app logs in as a user that does not have permission to delete from the user account table, no damage will be done.

Copyright Donald Horrell 2012, 2013. All rights reserved