Am 17.04.19 um 23:03 schrieb Jeff Dyke:
I've done this and i'm doing this, its not hard, everyone that needs db access can read a readme and give me a public key in a matter of seconds. I'll take SSH over http-auth and a freaken app that can drop tables/database via a SQL injection bug any day of the week. Granted that could be from poor user management, as NOONE has access to do anything destructive.
I really don't care if you don't believe me, b/c this process has been fluid with 0 issues since i started using it about 6 years ago. Oh and yesterdays users were 100% ordinary users (it doesn't get much more ordinary than marketing), they were added to the slave group with select only, and didn't get added to anything production related.
well, that's a completly different world than typical hosting when you require from that target audience public-keys, install ative apps, give them only read access you are just done because you ahrdly can sell that to anybody