Re: limiting table access and RWOP queries
- From: "Chris Mills" <phad_nospam@xxxxxxxxxxxxxx>
- Date: Mon, 12 Sep 2005 19:27:36 +1200
> A query that is created through VBA code, does run with the
> permissions of the user who created it, and in that sense, it is
> /always/ an owner permission query: it can not /not/ be one!
>
That's a bit out-of-context IMHO TC, your description is correct though
burbled (from too long underwater? <g>).
An RWOP query, in any sensible security meaning, means the owner of the
database. And that can't be created on-the-fly with VBA code, the "owner"
becomes the user in that case, which is useless and as you state.
The best I could achieve (assuming stored RWOP queries are themselves
insecure), is that RWOP SQL statement can be written, by the owner of the form
at design-time, direct into the recordsource. That can only be recovered if
they use the kindness of Jeff Conrad and Tony Toews to recover them. (I'm
learning)
Also: whereas I think there are not much design secrets in a table, there may
well be clever stuff in a query. Mine are so weird that not even I know how
they work. Seriously, I can see a good reason to hide queries, as against
tables, (or data but that depends on the reason). OTOH complex queries can be
assembled in VBA to rely on simpler RWOP queries, but then they would be
stored RWOP queries which don't seem very secure to me.
Chris
PS I don't disagree with much of what TC says, just how. I cannot speak as to
my own tongue-tied-ness. Clear as mud, as they say!
.
- Follow-Ups:
- References:
- limiting table access and RWOP queries
- From: John Welch
- Re: limiting table access and RWOP queries
- From: TC
- limiting table access and RWOP queries
- Prev by Date: Re: limiting table access and RWOP queries
- Next by Date: Re: limiting table access and RWOP queries
- Previous by thread: Re: limiting table access and RWOP queries
- Next by thread: Re: limiting table access and RWOP queries
- Index(es):
Relevant Pages
|
