Drew Wutka
DWUTKA at marlow.com
Thu Nov 13 12:45:19 CST 2003
Another clarification on my 1 position. That is for Access 97. I must admit to have only built one 2000 db with Access User Level security. But 97 I can do in my sleep. Drew -----Original Message----- From: John W. Colby [mailto:jcolby at colbyconsulting.com] Sent: Wednesday, November 12, 2003 8:03 PM To: Access Developers discussion and problem solving Subject: RE: [AccessD] POLL: Access Security >M$'s main DB security is lack of supplied information. ROTFL. And I intentionally called mine Light Weight Security precisely to avoid any expectations that it would lock down a database against someone like yourself. I have discovered that: There are hackers out there that can take down Fort Knox. If you are worried about them Access is not your tool. 99.9% of the day to day damage is done by innocent users doing things they shouldn't be allowed to do. 99.9% of that damage is easily prevented using something waaaaaaay less obtuse than Access security. Funny but true story. I had a user who had apparently taken a class somewhere. She told me one day that she had attempted to make a change to one of my tables but that she couldn't make the change stick. She was attempting to MODIFY a field in a LINKED table. She did not even understand what a linked table was, nor where the real data was. It never occurred to me that a user would even attempt to modify a table of a database that was company property and over which she had no design authority. She was just a user! No harm was done of course, but I had to have a heart to heart with her as to what her job was. And of course, if the company allows it (and this one doesn't) simply setting the database properties would keep such inexpert busy fingers out of the pie. John W. Colby www.colbyconsulting.com -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Jim Lawrence (AccessD) Sent: Wednesday, November 12, 2003 8:40 PM To: Access Developers discussion and problem solving Subject: RE: [AccessD] POLL: Access Security Hi John: Odd questions but I would rate myself as a 4, the other stuff I have samples on but would have to dig for the answers. The ultimate security is simply to go to any SQL server, as far as I am concerned. MDB security is too fragile and hackable. A couple of years back I had to hack a few, think it was two or three, MDBs that were supposedly secure, so the client could work on the tables after the initial programmers had disappeared. Cracked them all...and I would not consider myself a whiz at that stuff, it was just that MS MDB security is a little weak. M$'s main DB security is lack of supplied information. My two cents worth Jim -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of John W. Colby Sent: Wednesday, November 12, 2003 5:00 PM To: AccessD Subject: [AccessD] POLL: Access Security I'd like to take a poll regarding your knowledge of Access' built-in security. By security I do NOT mean the database properties, rather using workgroups / users to secure forms, tables, queries etc. Anyone interested in participating please choose one of the following: 1) I am an Access security guru. I can quickly and easily lock a database down so tight I can't even get back in. No help / books needed. 2) I am fluent with Access security. I can get the job done but it definitely takes a few hours. I probably won't need the help / books. 3) I have done Access Security on at least one real paying project. I would need help / books to do it again. 4) I have heard about Access Security, read about it, managed to shoot a toe off, maybe played around with it, but I am confident I could get the job done. Books / help definitly needed. 5) Access has built in security? What is this and where would I go to learn it? Why haven't I ever seen these books / help? If you would please just select a number and reply I would appreciate it. As for myself, I must admit I rate a solid 4. No client has ever been willing to pay for it and I have always had other things to learn / do so I just never did it (for real). John W. Colby www.colbyconsulting.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com