security mdw question

  • Thread starter Thread starter ave
  • Start date Start date
A

ave

I have a secure access db on our server.

To access all the tables i need i have to create a shortcut to access and in
the target box i put a script:

"C:\Program Files\Microsoft Office\Office\MSACCESS.EXE" /wrkgrp
"\\server\CLIENT70\program files\XYZ\XYZ.mdw" /user xyz /pwd xyz

I have another db application (QC) that now needs to access those tables.
They would only access the tables via forms.

Each user has a shortcut to the db QC on their desktop.

What changes do i need to make to the application so that when they open the
app they the forms can access the tables from the secured db?

Changes to the Target scipt in the shortcut? I really dont want to do this
since it exposes the user and password.

Is there a global module code i could write that would create connections to
the secure db when the app starts?

Any help is greatlllllllllllllly appreciated

thanks
g
 
ave said:
I have a secure access db on our server.

To access all the tables i need i have to create a shortcut to access and in
the target box i put a script:

"C:\Program Files\Microsoft Office\Office\MSACCESS.EXE" /wrkgrp
"\\server\CLIENT70\program files\XYZ\XYZ.mdw" /user xyz /pwd xyz

Two things.

First, your shortcut will open Access but it will not open a database. Do
they open the database "manually", from the File : Open option? If so, why
not include the database path in the shortcut? Second, why expose the
username/password via the shortcut? This means that anyone ho can use the
PC, can read the username/password from the shortuct! So that is not good
security, yes? Just >omit< the username & password from the shortcut. Thenm,
the user will be prompted to enter a va;lid username/password whenever he
double-clicks the shortcut.

Thus:
I have another db application (QC) that now needs to access those tables.
They would only access the tables via forms.

Each user has a shortcut to the db QC on their desktop.

What changes do i need to make to the application so that when they open the
app they the forms can access the tables from the secured db?

If an unsecured database could simply link to the tables in a >secured<
database - and alter the data in those tables - that would be a bit of a
security hole, wouldn't it! Anyone could bypass the security of a secured
database, just by linking to it from an unsecured database. Why do you want
to access a >secured< database from an >unsecured< database? Isn't that like
saying, "I want to get in through my locked front door, withut using my
key"?

HTH,
TC
 
Why do you want to access a >secured< database from an >unsecured<
database? >>>>>

For the application i am working on, I need read only access to the tables.
I am not sure how else i can get access to the secure tables.
 
ave said:
Why do you want to access a >secured< database from an >unsecured<
database? >>>>>

For the application i am working on, I need read only access to the tables.
I am not sure how else i can get access to the secure tables.

What more can I say? If an unsecured database could happily link to the
tables in a secured database, that would be an enormous hole in Access
security.

You can *programatically* access the tables, using techniques involving
CreateWorkspace() and OpenRecordset(), if you know a valid username &
password for the secured database. So you can cerainly "get at" the data in
the secured database, from the unsecured one. But you can not just link
directly to the secured tables. You would have to >copy< the tables, using
the techniques in question. Then you could base your forms on those local
copies. But by doing that, you have effectively >desecured< those tables,
because now, anyone in the world can see them in your >unsecured< database!

HTH,
TC
 
Back
Top