Re: Access 2003 Macro Security Modification

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Mike Wachal (mikewa_at_online.microsoft.com)
Date: 03/06/04 

Date: Fri, 5 Mar 2004 18:02:04 -0800

Hi Beth,

> My issue is that now, due to 'malicious code', my method of
> development and deployment is supposed to be modified, instead of M$
> devising a better way of addressing the issue at hand.

Some would say that moving to managed code is a "better way" of addressing
the issue. I'm not much of .NET developer (OK, I'm not a .NET developer at
all) since Access has always met my needs. In a file based database, there
are limited options available for preventing hackers from affecting your
application.

Technically, you don't have to change anything about how you develop and
deploy; you can continue doing things that way you already have. As long as
this meets the needs of your customers you have no compleling reason to
change.

> Even using the method you describe, it would still set the security
> level to Low, thereby leaving the 'client' pc open to potential risk
> factors. Is this not an accurate statement? Or is the security level
> only modified for that particular instance?

The security level is only lowered for the single instance of Access that
is launched by the script code. All other instances launched would use the
default security level.

> I don't deploy this to 'a' client. This product is sold world wide to
> fortune 100 companies as an enterprise wide solution. Their IT isn't
> particulary fond of loading 'public' anything from outside sources on
> all of their company computers.

"Public" in this instance does not refer to THE public, as in the public
domain, rather it referese to a specific piece of a digital certificate.
Every certificate has both a Public and Private key. These two keys
together are used to allow developers to sign code (Private Key) and users
to determine if the code has been altered (Public Key). Every signed file,
whether Access or others, contains a Public Key. This little workaround
just forces a specific type of Public Key onto the computer. For various
reasons, this particular workaround is not particularly trustworthy, but it
is available as an option if you have applications deployed to companies
who are going to run Access in Medium or High security and you don't want
to use a comercial certificate.

> It may not be anything new, but it appears that it is becoming
> necessary. And not everyone used to use Digital Signatures.
>
> Just my $.02 worth, but I personally think its ridiculous.

Unfortunately I think it is becoming more necessary to use digital
certificates as a way to protect computers from maliceous individuals who
have too much time on thier hands. I know that not everyone used to use
Ditital Signatures, but then again, not everyone used to lock thier houses
either; the times they are a changing.

What's rediculous is that every time I get an e-mail I have to wonder if
opening it will erase my hard drive. All software companies can do it
attempt to mediate the threat, someone else is going to have to stop the
individuals that are threatening us.

I do understand your concerns and the challenges this causes. Making
security better and easier is a top priority for a lot of people. In the
mean time, I think the security we have is better than no security at all. 

-- 
Regards,
Mike Wachal
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
On 4 Mar 2004 07:28:38 -0800, Beth wrote:
> Hello Mike,
> 
> First I apologize for my delay in responding to posts.  I do not
> access the newsgroups on a regular basis but via Google.  Secondly, I
> didn't mean to suggest that you hadn't 'read' my post, but that you
> hadn't 'read my concerns' within the post.  A difference not worth
> discussing right now, but I don't doubt that you did read the lines
> within the post.  Enough said on that issue.
> 
> My point in the posts has been, and still is, that as a developer for
> a software product which has been a 'great' product through the use of
> M$ Access has been a wonderful experience.  Access is a powerhouse of
> a tool which a lot of people do not understand or recognize the
> potential they have with this product, especially when used in
> conjunction with a backend such as M$ SQL Server.
> 
> My issue is that now, due to 'malicious code', my method of
> development and deployment is supposed to be modified, instead of M$
> devising a better way of addressing the issue at hand.
> 
> Even using the method you describe, it would still set the security
> level to Low, thereby leaving the 'client' pc open to potential risk
> factors.  Is this not an accurate statement?  Or is the security level
> only modified for that particular instance?
> 
> Quote:
>> If you write deployment packages for your applications, you would need
to
>> modify your deployments so that the shortcut points to the launcher
>> application rather than your database file.
> 
>> Another alternative to bypass the warning would be to sign the database
>> with a SelfCert created using the cetificate creation tool that is
included
>> with Office 2003. While these certificates are not usually trustable on
a
>> client computer, you can export the Public Key of this type of a
signature
>> and then have your client install the Public Key on thier computer,
which
>> then allows them to trust the certificate, thus eliminating the warning.
> 
> I don't deploy this to 'a' client.  This product is sold world wide to
> fortune 100 companies as an enterprise wide solution.  Their IT isn't
> particulary fond of loading 'public' anything from outside sources on
> all of their company computers.
> 
> Quote:
>> Digital signing is nothing new, and it certainly isn't unique to
Microsoft
>> or Office. Many companies digitally sign thier code in this same way.
This
>> is just a new thing in Access 2003 and an important step in making
>> computers more trustworthy for your clients.
> 
> It may not be anything new, but it appears that it is becoming
> necessary.  And not everyone used to use Digital Signatures.
> 
> Just my $.02 worth, but I personally think its ridiculous.
> 
> Respectfully,
> 
> Beth

Relevant Pages

  • RE: Deny access to copy files
    ... "I think the above should work, I know it is restrictive to the developer, but we are trying to find a solution aren't we?" ... To achieve a acceptable security processing much of the responsibility is left to the programmer. ... Microsoft.NET Framework Developer's Guide, Introduction to Code Access Security, ... BDO Kendalls is a national association of separate partnerships and entities. ...
    (Security-Basics)
  • Re: creating "runas" shortcut through vb script
    ... Our experience is that when someone (i.e. the developer of the software) ... poor job of designing the security in properly in the first place. ... Dim strAppPath, strWorkDir, strIconPath ...
    (microsoft.public.scripting.vbscript)
  • Re: Access 2010 for software development
    ... Others seem to think you want to produce an Access 2003 MDE with Access ... user/group level security (for what that is worth, ... applications are sufficiently simple that an experienced developer can ... The applications I create with Access for my clients are "bespoke" ...
    (comp.databases.ms-access)
  • Re: Sharepoint - Security Logistics Nightmare?
    ... there is no item level security - security for a doc lib is at the doc lib ... If you dont belong there, ... No one else in the company can view my private ... > Invoices should be private between each developer and HR. ...
    (microsoft.public.sharepoint.portalserver)
  • Re: RunTime For Dummies?
    ... to get the the developer toolkit with runtime license and ADE's. ... Whether it works worth the price I can't say. ... All my custom settings worked fine in the rt environment. ... I did a test deployment with the new A2007 rt and noticed that db ...
    (comp.databases.ms-access)