[AccessD] Access Lockdown

Rocky Smolin rockysmolin at bchacc.com
Sun May 22 22:15:31 CDT 2011


If someone is smart enough to bypass much of the FE security wouldn't they
be smart enough to make an mdb with the ODBC connection?

But, backing up a bit, I usually build in the level of security required by
the user.  The first question I ask my clients is will the users follow the
rules?  IOW, if they have a read only password will they accept that and not
try to find a way to change the data?  

Or in their environment do they need to protect the data from mischief or
deliberate alteration of the data outside of the mandated procedures?

What is the environment in which your app is being deployed?


R

 

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
Sent: Sunday, May 22, 2011 6:29 PM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Access Lockdown

The back end is a sql server in my office.  The FEs access the data over
linked ODBC over the internet.

John W. Colby
www.ColbyConsulting.com

On 5/22/2011 9:18 AM, Rocky Smolin wrote:
> IME, the back end is more important than the front end.  How are you 
> securing that?
>
> Are you distributing an mde?
>
> R
>
>
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
> Sent: Saturday, May 21, 2011 10:23 PM
> To: Access Developers discussion and problem solving
> Subject: Re: [AccessD] Access Lockdown
>
> For the first time I am setting up a database which will be used by 
> unknown users.  I am trying hard to keep prying eyes out.
>
> John W. Colby
> www.ColbyConsulting.com
>
> On 5/22/2011 1:18 AM, Rocky Smolin wrote:
>> As an aside - why do you need this level of security?
>>
>> R
>>
>>
>> -----Original Message-----
>> From: accessd-bounces at databaseadvisors.com
>> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
>> Sent: Saturday, May 21, 2011 9:52 PM
>> To: Access Developers discussion and problem solving
>> Subject: Re: [AccessD] Access Lockdown
>>
>> Well, I have locked it down as tight as possible using these methods.
>> I added a field to my application for the destination directory, then 
>> a button to do the copy, then set these properties false.  I hid 
>> every single table, query, form etc. and added code to the 
>> application that cleared the "show hidden objects" when my init code
>> runs.
>>
>> No passwords but otherwise reasonably tight.  With no menus you can't 
>> get at any of the means of resetting these properties so you pretty 
>> much have to use an application like my C2DbProperties to reset them 
>> from outside of the database.
>>
>> I am accustomed to seeing everything in design view so after my Copy 
>> and Lockdown it is a bit disconcerting to open the database files and 
>> see absolutely nothing, and yet the app runs.  Kinda cool actually.
>>
>> So now I can open my C2DbProperties, click the Copy&Lockdown button 
>> for the two library files and the application file and I have 
>> reasonably tight physical security on the distributed app.
>>
>> John W. Colby
>> www.ColbyConsulting.com
>>
>> On 5/21/2011 9:31 AM, Rocky Smolin wrote:
>>> John:
>>>
>>> I use this in my app and trigger it when the program is an mde:
>>>
>>>        ChangeProperty "StartupForm", dbText, TheOpeningForm
>>>        ChangeProperty "StartupShowDBWindow", dbBoolean, False
>>>        ChangeProperty "StartupShowStatusBar", dbBoolean, False
>>>        ChangeProperty "AllowBuiltInToolbars", dbBoolean, False
>>>        ChangeProperty "AllowFullMenus", dbBoolean, False
>>>        ChangeProperty "AllowBreakIntoCode", dbBoolean, False
>>>        ChangeProperty "AllowSpecialKeys", dbBoolean, False
>>>        ChangeProperty "AllowBypassKey", dbBoolean, False
>>>        ChangeProperty "MenuBar", dbBoolean, False
>>>
>>> Function ChangeProperty(strPropName As String, varPropType As Variant, _
>>>        varPropValue As Variant) As Integer
>>>        Dim dbs As Object, prp As Variant
>>>        Const conPropNotFoundError = 3270
>>>
>>>        Set dbs = CurrentDb
>>>        On Error GoTo Change_Err
>>>        dbs.Properties(strPropName) = varPropValue
>>>        ChangeProperty = True
>>>
>>> Change_Bye:
>>>        Exit Function
>>>
>>> Change_Err:
>>>        If Err = conPropNotFoundError Then    ' Property not found.
>>>            Set prp = dbs.CreateProperty(strPropName, _
>>>                varPropType, varPropValue)
>>>            dbs.Properties.Append prp
>>>            Resume Next
>>>        Else
>>>            ' Unknown error.
>>>            ChangeProperty = False
>>>            Resume Change_Bye
>>>        End If
>>> End Function
>>>
>>> I also use this to stop them from navigating around in the app other 
>>> than through my own menus:
>>>
>>> ' If mde then turn off windows in taskbar and menu bar
>>> Set db = CurrentDb
>>> If InStr(1, db.Name, "mde") <> 0 Then
>>>        Me.MenuBar = "=1"
>>>        Access.Application.SetOption "ShowWindowsInTaskbar", False
>>>        On Error GoTo Err_Form_Open
>>> End If
>>>
>>> Not a utility you could run from outside the db but I think you 
>>> could easily write one with this code that would set the properties 
>>> of a db you select from the standard file open dialog box.
>>>
>>> HTH
>>>
>>> Rocky
>>>
>>>
>>> -----Original Message-----
>>> From: accessd-bounces at databaseadvisors.com
>>> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
>>> Sent: Saturday, May 21, 2011 5:42 AM
>>> To: Access Developers discussion and problem solving
>>> Subject: [AccessD] Access Lockdown
>>>
>>> I want to lock down an application as I copy it from my dev 
>>> directory to a "live" directory.  I want to set the "display system 
>>> objects" and "display hidden objects" properties in Options as well 
>>> as Startup "Allow full menus", "Use Special Keys" etc.
>>>
>>> Has anyone got a utility that sets these properties?
>>>
>>> --
>>> John W. Colby
>>> www.ColbyConsulting.com
>>> --
>>> AccessD mailing list
>>> AccessD at databaseadvisors.com
>>> http://databaseadvisors.com/mailman/listinfo/accessd
>>> Website: http://www.databaseadvisors.com
>>>
--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com
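
The external utility discussed in the thread, as an added example (not code from either poster): a DAO routine that applies the Boolean startup properties listed above to another database file and reports any it could not set. `LockDownFile` and `SetDbProp` are hypothetical names, and a DAO object library reference is assumed.

```vba
' Added example: apply and verify startup lockdown properties on another
' database file. LockDownFile and SetDbProp are hypothetical names.
Option Explicit

Private Const PROP_NOT_FOUND As Long = 3270

' Returns a comma-separated list of properties that could not be set.
' An empty string means every property was applied and read back as False.
' StartupForm is left out because its value is application-specific.
Public Function LockDownFile(ByVal strPath As String) As String
    Dim db As DAO.Database
    Dim varName As Variant
    Dim strFailed As String

    Set db = DBEngine.OpenDatabase(strPath)
    For Each varName In Array("StartupShowDBWindow", "StartupShowStatusBar", _
            "AllowBuiltInToolbars", "AllowFullMenus", "AllowBreakIntoCode", _
            "AllowSpecialKeys", "AllowBypassKey")
        If Not SetDbProp(db, CStr(varName), dbBoolean, False) Then
            strFailed = strFailed & IIf(Len(strFailed) > 0, ", ", "") & varName
        End If
    Next varName
    db.Close
    Set db = Nothing
    LockDownFile = strFailed
End Function

Private Function SetDbProp(db As DAO.Database, strName As String, _
        lngType As Long, varValue As Variant) As Boolean
    On Error Resume Next
    db.Properties(strName).Value = varValue
    If Err.Number = PROP_NOT_FOUND Then
        ' Startup properties do not exist until first set, so create them.
        Err.Clear
        db.Properties.Append db.CreateProperty(strName, lngType, varValue)
    End If
    If Err.Number = 0 Then
        ' Read the value back so a silent failure is still reported.
        SetDbProp = (db.Properties(strName).Value = varValue)
    End If
    If Err.Number <> 0 Then SetDbProp = False
    On Error GoTo 0
End Function
```

Call it from the Immediate window with the path of the copied file, for example `? LockDownFile("C:\Live\MyApp.mde")` (a constructed path). The same properties can be reset from another database in exactly this way, so the SQL Server back end still needs its own permissions.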



