Re: How to secure an Access database.

From: david epsom dot com dot au (david_at_epsomdotcomdotau)
Date: 05/17/04 

Date: Mon, 17 May 2004 19:11:44 +1000

> What I'd like to do is become "dbuser" to open the DB connection and then
go back to the regular user. I've searched all over the web, but can't find
a way to do this.

If you 'go back' to the login user, then you can't use the dbuser
permissions anymore.

Ok, so you use impersonation or create two processes: one as
dbUser, one as Login User. Now, you have to communicate between
those two processes. There are a number of ways of communicating
between separate processes: memory, file system, messages,
semaphores: None of which you are going to learn about in
vb.database.ado :~(

If you want a vb.database suggestion: I suggest that you just remove
browse permission from the share.

(david)

"robher" <anonymous@discussions.microsoft.com> wrote in message
news:49A7EAB0-3BF6-4744-BF18-74AF9AAF3EFB@microsoft.com...
> I'm building a database application with a Visual Basic 6.0 frontend and
an Access database using ADO.
>
> As a security measure, I'd like to make sure that users can only access
the database through the frontend. To achieve that, I've put the DB in a
folder that can only be accessed by a one user: "dbuser" (created
specifically for the application). I use the Windows API function
"CreateProcessWithLogonW" to run the application as "dbuser". This way,
users have no access to the MDB file but the application does.
Unfortunately, this poses some problems because other parts of the program
need to be executed with the users' permissions.
>
> What I'd like to do is become "dbuser" to open the DB connection and then
go back to the regular user. I've searched all over the web, but can't find
a way to do this.
>
> Any ideas?
>
> Or maybe I'm just going about this the wrong way. If there's a better way
to secure Access databases I'm open to suggestions.
>
> Regards,
> Roberto

Loading