Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
IDK about mssql either, but messing with user permissions is usually a big deal, especially for a DB. Maybe it's a bug, but maybe it's some mitigation feature in case of a privilege escalation attack?
Apart of that, I agree with the pitiful state of some products out there, however software development is very different from physical projects, mostly because it's much more logically complex than a civil engineering project. Each user interaction is a moving part possible to cause problems and there's no recipe we can follow that fit all softwares. Nonetheless I believe we can do better.
@lucaspar in the past I did some stuff with mysql and none of the versions I used ever complained about being able to do more stuff, but I believe that you are right, its a big deal from a security perspective. But if the software would prevent that it should show an error message, instead it behaves like there is an error with the db itself. Strange
xewl46532yThen that application/service should have it's own user (kinda a *duh*), so you won't need to mess with the permissions for something else...