DB file's physical security

K

kaulam

New member
Local time
Today, 13:12
Joined
May 31, 2003
Messages
6
Hi,

I am new to this forum and not too experienced in Access. So hope my question is not too stupid.

I will install a database to the network. I believe that all users who need to open the db need to have create, modify and delete rights to the network directory. This allows creation of the ldb file when opening the db, updating the db, and delete the ldb file on closing the db.

If a user has such rights, he/she will be able to delete the mdb and mdw files. They can also modify (that is, hack) them directly instead of going through Access. This is obviously not desirable.

Anyway to help? Thanks in advance.

Karl
 
Karl,

I can only address a couple of issues.

You can lower your risk slightly by setting permissions on the mdb file itself, removing the delete permission. Trade-off: it adds a bit more complexity to your net admin duties.

Users will still be able to copy the mdb file. To deal with this, use Access security so that if someone does copy the file, it will be equivalent, roughly speaking, to stealing a locked safe (except there will no trace that anyone's taken the thing since it will only be a copy).

I can think of at least one other thing to worry about: a foolish or mean-minded user will still be able to open the Access file in Word -- I've never tried it but supposedly this corrupts an Access DB. Besides doing frequent backups, I imagine you could guard against this by using system polices (in an NT or W2000 environment) that hide from users Windows Explorer, the Network Neighborhood icon, the command prompt and something else I'm not thinking of...

Search on "security" and "ldb" here and at support.microsoft.com for more information.

Regards,
Tim
 
Tim,

Thanks for your reply.

I have user security implemented already so not worry about copying.

Actually your point "a foolish or mean-minded user..." is my major concern. It is definitely possible to modify the mdb file using means (such as Word) other than Accses itself.

Before I posted the question, I have searched for security, and read the Microsoft FAQs already. I am not able to find anything related. I am surprised that this is quite a basic security issue that little was talked about.

I shall talk to the network administrator regarding removing the delete right for the mdb file, or if the mdb file can be (really) hidden.

If anyone has other ideas, will be very much appreciated.

Karl
 
You must log in or register to reply here.

Similar threads

M
Solved Record locking / persistent Access process
Replies
8
Views
759
isladogs
isladogs
D
Darshan Hiranandani : How to Access a Password-Protected MDB Database with an MDW File and Unknown User Password?
Replies
3
Views
602
Isaac
Isaac
M
Solved Can I access the user passwords in the MDW file?
Replies
13
Views
861
gemma-the-husky
gemma-the-husky
R
Database inconsistent
Replies
9
Views
617
gemma-the-husky
gemma-the-husky
A
Solved Access Database Locking Issue
2
Replies
31
Views
1,630
Ajay289
A

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom