Comment by lyu07282
2 months ago
Never mind, you are right, it's possible, but I still think it breaks so much stuff that at least I've never seen anybody doing it or recommending it. All kinds of ORMs and migration tools would break, for example. But I guess it would be a defense-in-depth strategy.
Yeah, those tools may break if such a change is introduced suddenly, without testing etc. But that's not what normal reality for most companies looks like; such rules have been there for 2 decades at least. DBs are very old tech without much change in the past 20 years and this is DB security 101.
Not even going into the reasonability of ORMs, most of the stuff I've seen or implemented added practically 0 added value, and added hard-to-debug issues down the line as software evolved. Cargo culting at its best, often done on trivial schemas that could handle either direct SQL or some sql-query-to-object mapping easily.