ACC: Connection String Is Accessible in Secured Databases

 Last reviewed: May 27, 1997
Article ID: Q135378
The information in this article applies to:
  • Microsoft Access versions 2.0, 7.0, 97

SYMPTOMS

In a secured Microsoft Access 2.0, 7.0 and 97 database, a user with Open/Run permissions for the database can create a new module and obtain the connection string of any linked (attached) table in the database even though the user has no Read Design permissions for the linked table.

STATUS

Microsoft has confirmed this to be a problem in Microsoft Access versions 2.0, 7.0 and 97. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION

The Connect property for a linked table is available through Visual Basic for Applications (or Access Basic in Microsoft Access 2.0) even when the user has no implicit or explicit Read Design permissions for the linked table. If the user can open a secured database and gain access to the Database window, the user can create a new module. Once in a module, the user can create the code below to obtain the connection string for a specific linked table.

Steps to Reproduce Problem

  1. Create a module and type the following line in the Declarations section: 

          Option Explicit

  2. Type the following procedure: 

          Function GetConnect (mytable As String)

             Dim mydb As Database
         Set mydb = CurrentDB()
         GetConnect = mydb.tabledefs(mytable).Connect
      End Function


  3. To test this function, type the following line in the Debug window
   (or Immediate window in version 2.0), and then press ENTER.

    

          ? GetConnect("<attached table name>")

    
   Note that the connection string for the linked table is displayed even
   if the user has no Read Design permission for that table.

    

REFERENCES

 


For more information about Connect property, search the Help Index for
"Connect property," or ask the Microsoft Access 97 Office Assistant.
 

	
	

	















	






Keywords            : kbusage ScrtPerm

Version             : 2.0 7.0 97

Platform            : WINDOWS

Hardware            : X86

Issue type          : kbbug

Resolution Type     : Info_Provided








THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.  MICROSOFT DISCLAIMS
ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  IN NO
EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR
ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.  SOME STATES DO NOT ALLOW THE EXCLUSION
OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
SO THE FOREGOING LIMITATION MAY NOT APPLY.






	
	Last reviewed:  May 27, 1997
	

	© 1998 Microsoft Corporation. All rights reserved. Terms of Use.