Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: Architecture, Database - MSSQL Server, Database Support
Labels:
None

UIS:
0
Feedback Policy:

We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Description

Database schemas are a central component of a database architecture. They not only organize the objects within the database, they also serve as access control. Stackoverflow

The standard schemata, such as the "dbo" schema in Microsoft SQL Server, should not be used primarily for security reasons, since an attacker knows exactly the rights and possibilities of a non-secured standard schema and this is therefore a possible weakness. Even if a separate database is used for Bitbucket to which no other application has access, this risk remains. In fact, Bitbucket can even pose a threat to other applications that use the same database instance (keyword permission / ownership chaining).

This can be avoided by always creating a separate schema for an application in a database, as is done for example with Jira.

Note:
JDBC connections unfortunately do not have an argument that allows you to change the schema used.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Alexander Lelonek

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Apr/2020 10:08 AM

Updated:: 27/Oct/2023 2:24 AM