I am a beginner for Rails. I just studied the GUIDE and did some exercises (https://www.railstutorial.org/book). However I have one concern. Rails uses ONE ID (usually is ROOT) to do everything on database, such as DB migration, application accesses database, etc. This architecture raises a security concern, especially the cyber attack is happening so often nowadays. Although RAILS has strong parameters feature but once a hacker is hacking into database, hacker has total control on the database. Is a way to use one ID for database migration (i.e. database schema owner) and another ID for application access (to database)? The ID for application to access database should have limited privileges.
Does anyone know a way to implement one ID to do the database migration and another ID to access database? Share your solution will be appreciated.