From 9fe2777de4660c20f287d727557542addbb138b0 Mon Sep 17 00:00:00 2001 From: "Mohammad D." Date: Fri, 25 Jul 2025 00:55:11 +0330 Subject: [PATCH] Add RLS Prevention Method to A01:2021 --- 2021/docs/en/A01_2021-Broken_Access_Control.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/2021/docs/en/A01_2021-Broken_Access_Control.md b/2021/docs/en/A01_2021-Broken_Access_Control.md index c3871054e..ca61be507 100644 --- a/2021/docs/en/A01_2021-Broken_Access_Control.md +++ b/2021/docs/en/A01_2021-Broken_Access_Control.md @@ -79,6 +79,8 @@ check or metadata. opportunity for an attacker is minimized. For longer lived JWTs it's highly recommended to follow the OAuth standards to revoke access. +- Enable Row-Level Security (RLS) at the database layer by applying policies for every data operation — including SELECT, INSERT, UPDATE, and DELETE. it helps you to ensure users can only access or modify data they are authorized to. RLS should align tightly with your application’s business logic and user roles, and must be tested to prevent policy misconfiguration or privilege escalation. + Developers and QA staff should include functional access control unit and integration tests.
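Review bot: the new bullet in the A01 "How to Prevent" list describes RLS policies without saying that they only enforce anything when the database session actually carries the end user's identity; an application that connects through one shared service account (or as a role that bypasses RLS, such as the table owner or a superuser in PostgreSQL) gets no isolation from the policies at all. Suggest adding a clause such as "and ensure the application's database session is bound to the authenticated user's identity rather than a single privileged service account", and stating that RLS complements, rather than replaces, the deny-by-default access checks recommended earlier in the same list. Two style points in the same line: "it helps you to ensure" starts a sentence in lowercase and reads awkwardly, so "This helps ensure users can only access or modify data they are authorized to" would match the surrounding bullets; and the em-dash clause "— including SELECT, INSERT, UPDATE, and DELETE." can simply be "for every data operation (SELECT, INSERT, UPDATE, and DELETE)", which is the punctuation the rest of the file uses.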