This Product Ideas board is currently undergoing updates, but please continue to submit your ideas.
As discussed in this thread, any users of a database are able to share that database with other users, even if the creator didn’t authorize those other users.
Furthermore, any users of a database are able to duplicate the database without permission from the creator.
The creator is never alerted to any of these actions, either.
This is a huge security concern for any business.
Creators should be the only ones who are allowed to share the table with other users OR duplicate the table. Period.
If the creator wants other people to be able to share or duplicate the table, then they should EXPLICITLY be able to turn on those privileges for specific users.
Additionally, if another user shares or duplicates the database, the creator should then be informed of it via email.
Otherwise, as it stands now, we have a potential security nightmare.
More info in this thread:
I trust you’re aware of and reviewed the current security beta features and factored these into your product suggestion?
As far as I can tell, they haven’t changed “table sharing” or “table duplication” permissions with those new security features. Although those new security features are extremely welcome (albeit overdue)!
Has there been any word from the devs on this? It’s astonishing to me that there is still no way to restrict base sharing to owner/creator level.
Wanted to close the loop on this thread. Thank you for offering the product feedback here and completely understand the concerns. We’re excited to share that Airtable now supports workspace sharing restrictions so that Enterprise admins and workspace owners and Pro workspace owners can restrict the addition of new collaborators to specific workspaces or bases. Enterprise admins and workspace owners can also toggle a setting to prevent future share link creation on a given workspace.
Thanks again and we hope this is helpful :tada: