Oups,
Sorry about the two messages. I wrote this one on mail client. When I sent
it, the mail client asked to me a password. I have stopped the transaction. I
could not believe that the message will post without confirmation so I sent
it another time!!
"belu33fr" wrote:
> Hi,
> My issue is on the view with View_metadata. Access 2003, Sql 2000 and 2005.
> Lasted SP.
> Because I had some problems of read only with this type of view (only in
> Access), I were looking for a solution. I founded that this type of view
> must have all primary key of each table selected and the view could be a
> delete, read, insert and update view. I were surprise of this because it was
> only in Access.
> Becaue of this, it was a possible whole of security and I decide to make
> some tests.
> I made a database with 3 tables. I made a view with 2 tables and with
> VIEW_METADATA. I created all triggers on this view. I try it. All is fine. I
> made an user without access on table but grant access on the view (except
> DRI). I try it on the database. This user can not view and access directly
> to the table. The only possible thing is use the view. It's fine, he can
> create, modify and delete data in the database. The security is ok, the user
> can not see the real database and the scheme of it.
> Unfortunately, I open the view in design mode ... and surprise: I can read
> all about the query, see the definitions of the tables. Of course I can not
> modify the query but I can see ALL. I thought that something was wrong in
> security access. Nothing directly, member of public standard group (we can
> not exclude somebody from this group), nothing special in the public group
> security.
> Question: How msaccess can read this scheme because it has nothing granted
> execpt the use of this view? Now, I stop because I dont want say more how
> use this question.
>
>
|
Similar Threads
