How secure is a Web App code and his scriptDb data?

1
votes

We have a Web App written in Apps Script (using spreadsheets on each user's domain) and using ScriptDb (just to store some specific information from each user's domain.)

This is the scenario in terms of access to each piece:

  1. script project (the code): "private to only me"
  2. published web app: "execute the app as the user accessing the web app" and "anyone has access to the app"
  3. this web app will be registered in Chrome Web Store

And these are my questions in terms of access to the information:

  1. How secure is the code of this web app? (who can access?)
  2. How secure is the data stored on ScriptDb? (who can access?)
  3. What are the chances if any, of somebody hacking into the Script code or the ScriptDb data?

Thanks, Fausto

1
google-apps-script

1 Answers

0
votes

I try my best to give you what I best know of, anyone please feel free to correct me if I am wrong.

ScriptDB is tie to your account and if in the case where your code is only share to you, it will be only you able to access it and IIRC if the app execute as the user accessing the web app, it will be that user's scriptDB and nothing to do with yours.

So if you ask how secure is your code, I think one of the way to access all your code is when your account got hacked and the person will be able to access all your codes and the data store in ScriptDB. As for somebody hacking into the Script code or ScriptDB data chances, I think is pretty low if you keep your account safe.