Re: Macro Warnings and certificates

Well there would be a definite advantage in allowing the user to authenticate
an application - i.e. it would be their decision to do so or not. And after
all, that is equivalent, in a way, to what we all do when we decide to
install (or not to install) a program on our systems.

Anyway, minor point. I can't believe that you can't automate this process!
Setting macro security to low is of course not an option - I could be sued if
somebody fired up a macros virus when I had recomended this setting across
all apps. Not a risk I would take with my customers.

I think I will have to leave the mde unlocked for the time being and do
things that way.

Thanks Wing

Think I need to explore this more

"Paul Overway" wrote:

> Rather that do what your envisioning, it would be better to just turn macro
> security off...either for your app or all apps. If you're not going to sign
> your app, there is no way to do what you propose short of shipping your
> source code and having your users go through the process of signing the app
> (if they have selfcert.exe)....which is not a user friendly process. Also,
> there are no security advantages for the user in what you propose other than
> the user would know if someone made changes to the app after they signed it.
> The user would have to understand your source code or trust that it actually
> came from you and that it isn't malicious....without a certificate. Hence,
> no advantage.
>
> You can turn macro security off through automation, if you aren't using
> runtime. Otherwise, you can turn it off through the registry when you
> install your app...but the registry change would apply to all apps and there
> is a chance that someone could turn macro security on again.
>
> --
> Paul Overway
> Logico Solutions
> http://www.logico-solutions.com
>
>
> "WingYip" <WingYip@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:F25D279E-27F5-44CA-A549-69FC2F83006E@xxxxxxxxxxxxxxxx
> > OK
> >
> > I dont want to spend a few hundred dollars every year on a digital
> > certificate to authenticate my Access applications so there must be
> > another
> > way.
> >
> > As the selfcert program only works on 1 machine I thought that if I could
> > allow each user to authenticate my apps through code in the app itself I
> > would not have to unlock the mde file in order to attach the certificate
> > for
> > each installation.
> >
> > Basically I want my users to click the authenticate button in their app
> > which will prompt to create a cert if one does not already exist and then
> > attach it to the app.
> >
> > Anyone know how to attach a digital certificate in VBA (ACC 2003)?
> >
> > Also if the app is using the runtime, what would need to be included in
> > the
> > intstall package to allow a user (through my app) to -
> >
> > a) generate a certificate
> > b) Attach the certificate to the project
> >
> > Cheers
> >
> > Wing
>
>
>
.