security dilemma...

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

We purchased an Access application stored on our network, that comes w/ 2
different installation types: A & B.
If A is installed on a machine, the user can control the entire application.
If B is installed on a machine, some of the buttons are 'grayed out' -
allowing them to only change certain information.
The problem is - since security is controlled through the client, they still
need to have 'modify' rights on the network. You can guess what the problem
is already - there's nothing stopping a user with the B installation from
browsing to: whatever.mdb file on the network and opening the tables in
Access and changing anything they want. Does anyone know of some 3rd party
software or have any ideas for a solution to this? thanks in advance, mike.
 
We purchased an Access application stored on our network, that comes w/ 2
different installation types: A & B.
If A is installed on a machine, the user can control the entire application.
If B is installed on a machine, some of the buttons are 'grayed out' -
allowing them to only change certain information.
The problem is - since security is controlled through the client, they still
need to have 'modify' rights on the network. You can guess what the problem
is already - there's nothing stopping a user with the B installation from
browsing to: whatever.mdb file on the network and opening the tables in
Access and changing anything they want. Does anyone know of some 3rd party
software or have any ideas for a solution to this? thanks in advance, mike.

User Level Security can stop this to some extent, althoug ULS can be easily broken. This would need to be implemented by
the developer, however, unless you have full access to the source code and are comfortable working with ULS.

Why have two applications to do the job of one? Most systems would have a single file, and would allow/disallow user
interaction based on logins and permissions ...

Scott McDaniel
scott@takemeout_infotrakker.com
www.infotrakker.com
 
Scott - thanks. but alas, i do not have the source code. and you're
correct, it would be better with only one app... what can i say - we're just
trying to do what we can w/ what was already purchased.
thanks agian,
mike.
 
mike_silly said:
Scott - thanks. but alas, i do not have the source code. and you're
correct, it would be better with only one app... what can i say - we're
just
trying to do what we can w/ what was already purchased.
thanks agian,
mike.

If it is possible to open up the mdb and see the db window and tables then
what is to stop you invoking user-level security yourself?

Keith.
www.keithwilby.com
 
Back
Top