User Group Permission Read/Update/Insert/Delete NOT READ DESIGN. "Andy" <dont[ at ]want.mail> 25.08.2006 12:27:34 Hi; Just learned something "Frightening" by trial and error. Have a runtime version created in A2K. Used "User and Group permissions" to secure it. The Administrator has a password to open the dbase and be able to access the designs and codes. (user name: Admin, Pword: ***** The users open the dbase w/o a password, (they do have a password to protect their data.), (user name: My Name, Pword is left blank. Discovered this: If on a "foreign" computer I add a user in Windows called "My Name" without a password and then open a full version of Access I can import the tables/qrys/macros into that dbase. I know why its happening: To be able to use the secured dbase package the user has to be granted permissions to "Read, Update, Insert and Delete Data" in the tables/qrys/macros. BUT to do that You must also grant permission to "READ DESIGN". With the Forms and Reports the only permission needed is "Open/Run", the Forms and Reports CANNOT be imported by user "My Name". Is there a workaround or another way to block this. Thank You. Andy

Re: User Group Permission Read/Update/Insert/Delete NOT READ DESIGN. "Chris Mills" <phad_nospam[ at ]cleardotnet.nz> 25.08.2006 16:40:00 If the database can be opened without a password then it was not secured properly. In fact, you have used the standard test to tell if it is. For more information on User Level Security see the SecFAQ at: http://support.microsoft.com/?id=207793 ....or see microsoft.public.access.security It is true that table Read Design permissions are required (unless one perhaps uses RWOP queries), but this is not regarded as a security breach. If you secure it properly, only someone with a valid password can access the tables. Of course, THEY can copy data out, since you've given them permission to the data! This is why you commonly lock down your database with other things as well, such as the AllowBypassKeys property. And there are some articles like this: www.access.qbuilt.com/html/security.html#PreventImportFrSecDB This has nothing to do with runtime. Runtime does limit what a user can do, but that's for licensing reasons and can't be used as a security measure (they can just buy Full Acess). Chris "Andy" <dont[ at ]want.mail> wrote in message news:eXVJ2EGyGHA.4176[ at ]TK2MSFTNGP06.phx.gbl... [Quoted Text] > Hi; > > Just learned something "Frightening" by trial and error. > > Have a runtime version created in A2K. > > Used "User and Group permissions" to secure it. > > The Administrator has a password to open the dbase and be able to access the > designs and codes. (user name: Admin, Pword: ***** > The users open the dbase w/o a password, (they do have a password to protect > their data.), (user name: My Name, Pword is left blank. > > Discovered this: > If on a "foreign" computer I add a user in Windows called "My Name" without > a password and then open a full version of Access I can import the > tables/qrys/macros into that dbase. > > I know why its happening: > To be able to use the secured dbase package the user has to be granted > permissions to "Read, Update, Insert and Delete Data" in the > tables/qrys/macros. > > BUT to do that You must also grant permission to "READ DESIGN". > > With the Forms and Reports the only permission needed is "Open/Run", the > Forms and Reports CANNOT be imported by user "My Name". > > Is there a workaround or another way to block this. > > Thank You. > > Andy > >

Re: User Group Permission Read/Update/Insert/Delete NOT READ DESIGN. "Andy" <dont[ at ]want.mail> 25.08.2006 19:01:30 Chris; Thank You. Me "Chris Mills" <phad_nospam[ at ]cleardotnet.nz> wrote in message news:egd99XGyGHA.4984[ at ]TK2MSFTNGP05.phx.gbl... [Quoted Text] > If the database can be opened without a password then it was not secured > properly. In fact, you have used the standard test to tell if it is. > > For more information on User Level Security see the SecFAQ at: > http://support.microsoft.com/?id=207793 > ...or see microsoft.public.access.security > > It is true that table Read Design permissions are required (unless one > perhaps > uses RWOP queries), but this is not regarded as a security breach. > > If you secure it properly, only someone with a valid password can access > the > tables. Of course, THEY can copy data out, since you've given them > permission > to the data! This is why you commonly lock down your database with other > things as well, such as the AllowBypassKeys property. > > And there are some articles like this: > www.access.qbuilt.com/html/security.html#PreventImportFrSecDB > > This has nothing to do with runtime. Runtime does limit what a user can > do, > but that's for licensing reasons and can't be used as a security measure > (they > can just buy Full Acess). > > Chris > > "Andy" <dont[ at ]want.mail> wrote in message > news:eXVJ2EGyGHA.4176[ at ]TK2MSFTNGP06.phx.gbl... >> Hi; >> >> Just learned something "Frightening" by trial and error. >> >> Have a runtime version created in A2K. >> >> Used "User and Group permissions" to secure it. >> >> The Administrator has a password to open the dbase and be able to access >> the >> designs and codes. (user name: Admin, Pword: ***** >> The users open the dbase w/o a password, (they do have a password to >> protect >> their data.), (user name: My Name, Pword is left blank. >> >> Discovered this: >> If on a "foreign" computer I add a user in Windows called "My Name" >> without >> a password and then open a full version of Access I can import the >> tables/qrys/macros into that dbase. >> >> I know why its happening: >> To be able to use the secured dbase package the user has to be granted >> permissions to "Read, Update, Insert and Delete Data" in the >> tables/qrys/macros. >> >> BUT to do that You must also grant permission to "READ DESIGN". >> >> With the Forms and Reports the only permission needed is "Open/Run", the >> Forms and Reports CANNOT be imported by user "My Name". >> >> Is there a workaround or another way to block this. >> >> Thank You. >> >> Andy >> >> > >