Hi Albert and John,
I am not sure if I have not confused you both or if I just don’t get what
you are saying, so here it goes again….
A user uses a PW (not Access ULS, but my VB code) to log onto the FE, then,
depending on who the user is, I allow them different editing and viewing
rights for each record. So users are adding, editing or viewing only those
records that they have permission to. This all works very well and would, I
believe, be very secure if not for the problem below.
It appears that a property of Access is to allow one access database to
import data in linked tables from any other Access database. Therefore it
appears that Access, or even Excel, may be able to ‘ask’ my MySQL-linked FE
to have a copy of all the data in the BE tables it is linked to and my FE
then uses its ODBC connection and passwords to access and get the data for
this other access database. As far as I can tell, my security problem thus is
with Access and not MySQL since mysql is simply giving the information to my
FE, as it is supposed to, and it is my FE that is then giving the information
to the other database/excel (which I don’t want it to do but which seems to
be a property of Access). Thus what I need to know is if there is a utility,
etc. within Access that will allow my FE to deny a request from another
access database or excel to get it copies of tables and queries from my BE,
much in the same way that an MDE version of my FE will deny a similar request
from an access database for forms in my FE.
Yes I agree that there are always other ways for someone to steal data, such
as capturing screen shots, however, these sorts of things are not a ‘problem’
with what I am doing. Lastly, I am a GREAT fan of Access, as a biochemist and
someone who has never taken a single computer course, Access has proven
itself to me to be indispensable in my work. So, for the record, I, am not
knocking Access, I will not give up on Access, and I will get this bug worked
out to the satisfaction of the IT people.
Hope this makes more sense, and I am really hoping that I am making some
stupid little error and that there is a quick solution to this problem.
Albert D. Kallal said:
salmonella said:
Thanks for the reply. I have already removed the toolbar/menu and disabled
the bypass key and, I believe, have the FE locked down- except for this
problem. Microsoft needs to deal with their security problems. Just a note
of
interest, I am being told by the IT people at the University here that
they
don't want us to put any sensitive data in Access.
But you told me your data is in MySql. So, how does that effect ms-access???
Your secrity going to be setup on the MySql side of things.
What is stop a user from firing up excel and going data->Import External
data and pulling the data out of mysql?
If you hear of any way to stop someone from importing tables out of an
Access database (FE) with linked tables, please let me know- I am
desperate.
Yes, you can setup user level security and they not be able to import those
linked tables....
You can find the security faq for access here:
http://support.microsoft.com/default.aspx?scid=kb;[LN];207793
You not really mentioned how you setup the MySql security..but, if you
allowing users to read that data, then you might try the MySql newsgroups
for what they suggest, but for the most part your security issues will be
that of your database engine, in this case MySql. You not using ms-access to
store this data so secuirty really not an issue of ms-access, it is that of
mySql...