Results 1 to 6 of 6
  1. #1
    Lounger
    Join Date
    Jan 2005
    Location
    Orange, California, USA
    Posts
    33
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Security models using MS Access 2002 (2002)

    I have a VB6 application accessing an Access 2002 back end. The VB app launches during the boot up process and prior to the user authenticating to the domain (Novell and AD). Because of this the MDB file is sitting on a NTFS share available to everyone (so it could be seen prior to authentication). The issue I have is with security, even though there isn't really any sensitive information kept in this database.

    Is it at all possible to create a second database within a folder available to everyone, but only has a subset of information just used by this initial application with tables linked to the primary database in a secured NTFS share? That is probably a streatch. But I'd appreciate any suggestions

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Security models using MS Access 2002 (2002)

    Access requires that all users have modify permissions (read/write/create/delete) to the folder containing a database, even for users who should not be able to edit any records. You should look into user-level security using a workgroup information file (.mdw). See WendellB's The Secrets of Security for an overview and useful links.

  3. #3
    Lounger
    Join Date
    Jan 2005
    Location
    Orange, California, USA
    Posts
    33
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Security models using MS Access 2002 (2002)

    Hi Hans,

    Sorry, I should have mentioned - the database is already implemented with user level security. The thing is that ms databases are easily hackable.

    Mike

  4. #4
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Security models using MS Access 2002 (2002)

    Unfortunately, Access doesn't work correctly in a multi-user environment if you limit user permissions at the folder (or file) level. Perhaps you should consider SQL Server as a backend.

  5. #5
    Lounger
    Join Date
    Jan 2005
    Location
    Orange, California, USA
    Posts
    33
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Security models using MS Access 2002 (2002)

    I was afraid you were going to say that, Hans. What is your knowledge related to hacking an SQL server?

  6. #6
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Security models using MS Access 2002 (2002)

    I'm not an expert in that, but colleagues who are tell me that SQL Server databases can be made very secure.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •