For my app, if I did not set any privacy rules for the database, I understand that “everyone else (default permissions)” can read the database, even if a page does not explicitly load or show a specific data field.
Is it view-only for the public, or can sophisticated coders also figure a way to write or make changes to the database if there are no privacy rules?
Also, in my app can I make a workflow such that User A is making changes to User B’s data fields (for the default in-built User type)?
Thanks in advance.