Drew Wutka
DWUTKA at Marlow.com
Thu Sep 6 21:22:53 CDT 2007
The biggest hole in the 'GUI' data integrity process is the .mdb itself. You can link tables or import them into another .mdb with a few clicks of the mouse. So, if you have a table that you really don't want people editing data in, no amount of GUI tricks are going to prevent that if you don't put security on a table. If someone wants to get at the data, they can just link the tables in a blank database, and have at the data. So, in the case of your customers, who want to have access to write their own queries and reports, you are simply getting by with having uninformed or inexperienced customers. A user of Access, who knows the just a fraction of how Access works can link to the tables in your database. No protection on the tables, no protection on the linked tables. Drew -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Steve Schapel Sent: Thursday, September 06, 2007 6:52 PM To: Access Developers discussion and problem solving Subject: Re: [AccessD] Transactions Thank you, Charlotte. I hope I didn't give the impression that I thought there were not "ways around it". I am saying that in practice, I do not find I need to try and prevent people finding ways around it. In practice, I have found that removing the possibility of accessing the Database Window from within the application UI has been sufficient. Not foolproof, but sufficient. I have a couple of times had clients who wanted me to provide them with the MDB rather than the MDE, and access to the Database Window, so they could make their own reports and whatnot. I have told them sure, no problem, but that spells the end of my relationship with them, as I do not support applications under those circumstances. Anyway, I digress. I would be interested to have a look at your article, if possible? Regards Steve Charlotte Foust wrote: > > Susan and I wrote an article one time about hiding the database window. > We did a pretty good job but there were still ways around it if your > users had more than just the runtime version of Access and knew what > they were doing. -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com The information contained in this transmission is intended only for the person or entity to which it is addressed and may contain II-VI Proprietary and/or II-VI BusinessSensitve material. If you are not the intended recipient, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. You are notified that any review, retransmission, copying, disclosure, dissemination, or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited.