[AccessD] Code Library, Sample Database, Etc.

William Hindman wdhindman at dejpolsystems.com
Tue Feb 20 22:52:24 CST 2007


...lol ...while technically true its not a concern ...my users don't have 
Access installed and

William Hindman
----- Original Message ----- 
From: "Drew Wutka" <DWUTKA at marlow.com>
To: "Access Developers discussion and problem solving" 
<accessd at databaseadvisors.com>
Sent: Tuesday, February 20, 2007 8:03 PM
Subject: Re: [AccessD] Code Library, Sample Database, Etc.


> Yep..... even in a runtime environment.  An .mde only protects the
> forms/reports/code.  The tables (and querries and the data within) are
> still accessible through ANYTHING that can connect to an Access .mdb.
> (Access itself, Excel, word, VBScript, heck, anything that can use ADO
> or DAO.).
>
> The only thing that protects an Access table (whether it's an .mdb, or
> .mde) is Access User Level Security.
>
> Don't believe me?  Just open an .mdb, and go link a table, find an .mde
> to link to, and you'll see ALL of your tables right there....
>
> Drew
>
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William
> Hindman
> Sent: Tuesday, February 20, 2007 6:43 PM
> To: Access Developers discussion and problem solving
> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>
> ...not in a runtime environment :)
>
> William Hindman
>
> ----- Original Message ----- 
> From: "Drew Wutka" <DWUTKA at marlow.com>
> To: "Access Developers discussion and problem solving"
> <accessd at databaseadvisors.com>
> Sent: Tuesday, February 20, 2007 6:35 PM
> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>
>
>> If you aren't using User Level security, what's the point in any
>> 'security' within the db anyhow?
>>
>> Let's say you have a form that only Mr. X should be able to use.  This
>> form edits tblXYZ.  Sure, from the .mde interface only Mr. X would get
>> the form, if you design it that way.  But any Joe Schmoe can link to
> ALL
>> the tables in the .mde, and do whatever they want to the data.....
>>
>> Drew
>>
>> -----Original Message-----
>> From: accessd-bounces at databaseadvisors.com
>> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William
>> Hindman
>> Sent: Tuesday, February 20, 2007 5:25 PM
>> To: Access Developers discussion and problem solving
>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>
>> ...I'm left dazed by your disparagement of XP security! :)
>>
>> ...pray tell why in a 12 user office where no personal information is
>> available in the app, the xp user logon should not be sufficient to
>> determine access rights to forms needing restricted access based upon
>> user
>> roles?
>>
>> William Hindman ...apparently a paranoid programmer ...who knew? :)
>>
>> ----- Original Message ----- 
>> From: "Charlotte Foust" <cfoust at infostatsystems.com>
>> To: "Access Developers discussion and problem solving"
>> <accessd at databaseadvisors.com>
>> Sent: Tuesday, February 20, 2007 6:09 PM
>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>
>>
>>> The primary role of user security IMO has been to allow you to limit
>>> ordinary users to working with the interface.  It has never been
>> robust
>>> enough to keep out knowledgeable tamperers.  However, I do NOT want
>> Joe
>>> User going in and mucking about with the interface or code I built
>> just
>>> because he now has full permissions to do so.  I have never been
>> wiling
>>> to roll my own security system for Access because I object to
>>> reinventing the wheel, even if the wheel is a bit crooked and flat on
>>> one side.  XP security in small business environments??  You MUST be
>>> joking!  I've never seen a small business environment with any
>> security
>>> that hadn't been added on by a paranoid programmer or systems guy!
> ;o>
>>>
>>> Charlotte
>>>
>>> -----Original Message-----
>>> From: accessd-bounces at databaseadvisors.com
>>> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William
>>> Hindman
>>> Sent: Tuesday, February 20, 2007 1:54 PM
>>> To: Access Developers discussion and problem solving
>>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>>
>>> ...again Charlotte, that is heavily dependent upon the environment in
>>> which you work ...Access based user security has been a farce since
>> '95
>>> ...you cannot build an Access mdb to which I cannot gain access with
>>> readily available tools, both free and inexpensive ...so you build
>> your
>>> own, a number of which are discussed in our archives, or you depend
> on
>>> XP security in small business environments ...so the decision by the
>>> Access development team to remove it from A'07 really has no bearing
>> on
>>> its continued use in those environments.
>>>
>>> William Hindman
>>>
>>> ----- Original Message -----
>>> From: "Charlotte Foust" <cfoust at infostatsystems.com>
>>> To: "Access Developers discussion and problem solving"
>>> <accessd at databaseadvisors.com>
>>> Sent: Tuesday, February 20, 2007 4:02 PM
>>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>>
>>>
>>>>I don't think anyone is casting aspersions, William.  But the simple
>>>> truth is that without user security in Access mdbs, they become less
>>>> than useful for multiuser solutions.  That doesn't depend on object
>>>> model, it depends on having a mechanism for controlling who gets
> into
>>>> the application and keeping track of who's there.  Without that
>>>> capability, Access 2007 becomes a desktop database for power users
> or
>>> a
>>>> RAD frontend for SQL Server.
>>>>
>>>> Charlotte Foust
>>>>
>>>> -----Original Message-----
>>>> From: accessd-bounces at databaseadvisors.com
>>>> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William
>>>> Hindman
>>>> Sent: Tuesday, February 20, 2007 11:24 AM
>>>> To: Access Developers discussion and problem solving
>>>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>>>
>>>> Arthur
>>>>
>>>> ...its not a matter of agreeing or disagreeing ...if you work in an
>>>> environment where SS is available and the notwork resources are
>>>> available to support it, of course you would use SS in most
>>>> applications.
>>>>
>>>> ...but if you are a consultant working with many small businesses
>>> where
>>>> you are it, then a well designed dao mdb fe/be can be highly stable
>>> and
>>>> work every bit as well as an adp/SS combo ...in point of fact with
> up
>>> to
>>>> at least
>>>> 15 users a well designed dao based mdb will normally out perform an
>>> ado
>>>> based fe.
>>>>
>>>> ...and with A'07 it appears that MS itself is moving back to the dao
>>>> model ...what irks me is people declaring that their favorite model
>> is
>>>> best for everyone ...or casting unwarranted aspersions on Access
> be's
>>>> and dao when they really don't work in an environment where that
>> model
>>>> functions best.
>>>>
>>>> William Hindman
>>>>
>>>> ----- Original Message -----
>>>> From: <artful at rogers.com>
>>>> To: "Access Developers discussion and problem solving"
>>>> <accessd at databaseadvisors.com>
>>>> Sent: Tuesday, February 20, 2007 1:41 PM
>>>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>>>
>>>>
>>>>> While I agree with you, I also fear that you will be flamed from
>>>> numerous
>>>>> devotees to the MDB BE concept. I have my flame extinguisher ready
>> in
>>>> case
>>>>> you need it.
>>>>>
>>>>>
>>>>> Arthur Fuller
>>>>> Technical Writer, Data Modeler, SQL Sensei
>>>>> Artful Databases Organization
>>>>> www.artfulsoftware.com
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ----- Original Message ----
>>>>> From: Robert L. Stewart <rl_stewart at highstream.net>
>>>>> To: accessd at databaseadvisors.com
>>>>> Cc: BarbaraRyan at cox.net
>>>>> Sent: Tuesday, February 20, 2007 1:09:06 PM
>>>>> Subject: Re: [AccessD] Code Library, Sample Database, Etc.
>>>>>
>>>>>
>>>>> Barb,
>>>>>
>>>>> I think the only way to completely "tie it all together"
>>>>> is to use SQL Server and an ADP.  Behind the forms and such
>>>>> it s completely ADO.  MDEs are not if you use a bound form.
>>>>>
>>>>> Robert
>>>>>
>>>>> P.S.  Besides, I would never use Access for the database any way.
>>>>> SQL Server is much better at storing it and being stable.
>>>>> -- 
>>>>> AccessD mailing list
>>>>> AccessD at databaseadvisors.com
>>>>> http://databaseadvisors.com/mailman/listinfo/accessd
>>>>> Website: http://www.databaseadvisors.com
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>> -- 
>>>> AccessD mailing list
>>>> AccessD at databaseadvisors.com
>>>> http://databaseadvisors.com/mailman/listinfo/accessd
>>>> Website: http://www.databaseadvisors.com
>>>> -- 
>>>> AccessD mailing list
>>>> AccessD at databaseadvisors.com
>>>> http://databaseadvisors.com/mailman/listinfo/accessd
>>>> Website: http://www.databaseadvisors.com
>>>>
>>>
>>>
>>>
>>>
>>> -- 
>>> AccessD mailing list
>>> AccessD at databaseadvisors.com
>>> http://databaseadvisors.com/mailman/listinfo/accessd
>>> Website: http://www.databaseadvisors.com
>>> -- 
>>> AccessD mailing list
>>> AccessD at databaseadvisors.com
>>> http://databaseadvisors.com/mailman/listinfo/accessd
>>> Website: http://www.databaseadvisors.com
>>>
>>
>>
>>
>>
>> -- 
>> AccessD mailing list
>> AccessD at databaseadvisors.com
>> http://databaseadvisors.com/mailman/listinfo/accessd
>> Website: http://www.databaseadvisors.com
>> -- 
>> AccessD mailing list
>> AccessD at databaseadvisors.com
>> http://databaseadvisors.com/mailman/listinfo/accessd
>> Website: http://www.databaseadvisors.com
>>
>
>
>
>
> -- 
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com
> -- 
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com
> 







More information about the AccessD mailing list