I'm thinking that user level security would be used at the time the
link is initially established in the FE application. Then if the FE is
saved with this link established, anyone could open the FE and open
the linked table.
Am I wrong about this?
Really, it should be a design-time decision; at least it's an early
implementation consideration. The overall plan in a nutshell is to:
+ remove _all_ privileges from users on the tables and
everything in the back end.
+ define queries that allow users to write/ see the data
they need, and give the queries Run With Owner
Permission. This means that the queries run with your
access level (e.g. Admin) so that the users can do what
they need to. The users have read and write permission
on the queries (i.e. they can interact with the data),
but not design (so they can't rewrite the query itself).
+ In the front end, the users need to be able to see the
various GUI objects like forms etc, but not design them
or create new ones.
Bear in mind that you need to read all the instructions before securing a
database in Access -- at worst you can lock yourself out of your own
data; and it's easy to leave holes too. Once it's working, though, it's
pretty secure against anything less than a really determined effort. If
you absolutely have to lock up everything, then you need a proper RDBMS.
Look here for more info:
http://support.microsoft.com/kb/q165009/
http://www.vb123.com/toolshed/00_accvb/accesssecurity.htm
Hope it helps
Tim F