ACC: Connection String Is Accessible in Secured Databases

Last reviewed: May 27, 1997
Article ID: Q135378
The information in this article applies to:
  • Microsoft Access versions 2.0, 7.0, 97

SYMPTOMS

In a secured Microsoft Access 2.0, 7.0 and 97 database, a user with Open/Run permissions for the database can create a new module and obtain the connection string of any linked (attached) table in the database even though the user has no Read Design permissions for the linked table.

STATUS

Microsoft has confirmed this to be a problem in Microsoft Access versions 2.0, 7.0 and 97. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION

The Connect property for a linked table is available through Visual Basic for Applications (or Access Basic in Microsoft Access 2.0) even when the user has no implicit or explicit Read Design permissions for the linked table. If the user can open a secured database and gain access to the Database window, the user can create a new module. Once in a module, the user can create the code below to obtain the connection string for a specific linked table.

Steps to Reproduce Problem

  1. Create a module and type the following line in the Declarations section:

          Option Explicit
    

  2. Type the following procedure:

          Function GetConnect (mytable As String)
    
             Dim mydb As Database
             Set mydb = CurrentDB()
             GetConnect = mydb.tabledefs(mytable).Connect
          End Function
    
    

  3. To test this function, type the following line in the Debug window (or Immediate window in version 2.0), and then press ENTER.

          ? GetConnect("<attached table name>")
    

    Note that the connection string for the linked table is displayed even if the user has no Read Design permission for that table.

REFERENCES

For more information about Connect property, search the Help Index for "Connect property," or ask the Microsoft Access 97 Office Assistant.


Keywords : kbusage ScrtPerm
Version : 2.0 7.0 97
Platform : WINDOWS
Hardware : X86
Issue type : kbbug
Resolution Type : Info_Provided


THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: May 27, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.