First of all, your application should be split into a front-end (containing
the queries, forms, reports, macros and modules) linked to a back-end
(containing the tables). Only the back-end should be on the server: each
user should have his/her own copy of the front-end, and it should ideally be
on the hard drive of his/her workstation.
The front-end should be an MDE in your case: you cannot make changes to
Forms or Reports with an MDE. It is, however, possible to change queries. At
least messing up a query won't impact any other users, and you can simply
overwrite their front-end if they've corrupted it beyond repair. In fact, if
you use something like the Auto FE Updater Tony Toews has (for free) at
http://www.granite.ab.ca/access/autofe.htm, you can guarantee that they
always have the correct version of the front-end every time they go to open
it.
If that doesn't provide sufficient protection, then you may be forced to
implement Access Security.
See
http://support.microsoft.com/support/access/content/secfaq.asp for
instructions. Read the instructions thoroughly a couple of times before
starting, work on a copy of your database, and make sure you do not skip any
steps.
You can post questions to microsoft.public.access.security if you run into
problems.
