Gustav Brock
Gustav at cactus.dk
Wed Feb 21 06:37:42 CST 2007
Hi William Again your are so right. Both Windows Server and Novell NetWare environments can be locked down to extremely restricted access - in NetWare you can have access to a file without being able to browse for it, meaning that you need to know the exact filename to retrieve it, and if you succeed (try to guess a GUID filename?) it will be logged. Missing security is not caused by lack of options but lack of a true need. And if the need actually exists while security has not been implemented, the reason is sloppiness or lack of skills. Further, very restricted access creates a heavy burden on the users and reduces their options, thus you will not apply it unless needed. /gustav >>> wdhindman at dejpolsystems.com 21-02-2007 00:25:14 >>> ...I'm left dazed by your disparagement of XP security! :) ...pray tell why in a 12 user office where no personal information is available in the app, the xp user logon should not be sufficient to determine access rights to forms needing restricted access based upon user roles? William Hindman ...apparently a paranoid programmer ...who knew? :) ----- Original Message ----- From: "Charlotte Foust" <cfoust at infostatsystems.com> To: "Access Developers discussion and problem solving" <accessd at databaseadvisors.com> Sent: Tuesday, February 20, 2007 6:09 PM Subject: Re: [AccessD] Code Library, Sample Database, Etc. > The primary role of user security IMO has been to allow you to limit > ordinary users to working with the interface. It has never been robust > enough to keep out knowledgeable tamperers. However, I do NOT want Joe > User going in and mucking about with the interface or code I built just > because he now has full permissions to do so. I have never been wiling > to roll my own security system for Access because I object to > reinventing the wheel, even if the wheel is a bit crooked and flat on > one side. XP security in small business environments?? You MUST be > joking! I've never seen a small business environment with any security > that hadn't been added on by a paranoid programmer or systems guy! ;o> > > Charlotte > > -----Original Message----- > From: accessd-bounces at databaseadvisors.com > [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William > Hindman > Sent: Tuesday, February 20, 2007 1:54 PM > To: Access Developers discussion and problem solving > Subject: Re: [AccessD] Code Library, Sample Database, Etc. > > ...again Charlotte, that is heavily dependent upon the environment in > which you work ...Access based user security has been a farce since '95 > ...you cannot build an Access mdb to which I cannot gain access with > readily available tools, both free and inexpensive ...so you build your > own, a number of which are discussed in our archives, or you depend on > XP security in small business environments ...so the decision by the > Access development team to remove it from A'07 really has no bearing on > its continued use in those environments. > > William Hindman