T(>Subject: Re: Access security.
Quote:>When propertly implemented (which rarely happens), Jet security is
>breakable only by knowledgeable, determined hackers.
T(>Actually someone wrote and posted code to automatically exploit the
T(>CopyObject flaw. Still, not many people no about it.
Quote:>I'll still stand by my conclusion that Jet security is more often than
>incorrectly applied. The nature of the traffic I see in the newsgroups
>indicates to me that the typical problems people are having are due to
>improper implementation, not back-door holes in the system.
T(>I didn't mean my post as any sort of flame. Reading the Access
T(>newsgroup every day, I absolutely agree with you. "Anyone with Access
T(>can open my database" ranks right up there with "Can I create a
T(>completely secure .exe by using the ADT?"
I didn't take your post as a flame, but this subject seems to be so poorly
understood that I tend to go overboard a bit on it. I'll risk being
redundant to restate that anyone interested in securing an Access database
should get a copy of the security whitepaper. I'll also accept the
conclusion that if you need rock-solid security, Access is probably not
the best choice.
In my case, rock-solid security isn't necessary. I'm really only securing
my database to protect the users from their own errors and to restrict some
operations to only designated individuals. I don't think that any of the
people involved would be capable of exploiting the flaws in the system, or
would care to even if they could.
Never underestimate the power of a WAG.
* WR [NR] * UNREGISTERED EVALUATION COPY