In our configuration, only the application pool user of indicium/indicium universal/webgui needs rights to the database, and we want it that way for the lowest possible security risk.
It is now possible to prevent rights to be given to the public role on the model database, so we have already achieved a certain degree of security. (https://docs.thinkwisesoftware.com/docs/kb/tags#limit-database-authorization-with-a-tag)
But it is not yet possible to achieve the same on the IAM database, while the IAM controls access to the model database.
So it is our wish, with new versions of IAM, that these are also delivered in such a way that rights are never distributed to the public role.
As an idea for a possible solution direction: As far as we are concerned, it may also be organized in such a way that the distribution of rights is arranged via 1 SQL script and that we ourselves prevent this sql script from being executed (for example, by means of a switch on the twdeployer.exe)
