User level security re: front-end and back-end

[Guest]

I have a database with a back-end and two different front-ends.
One front-end needs to be protected in such a way that all users can only
read tables, no edits or updates are allowed even via queries. Can this be
done without affecting the other front end which may read, update and delete
the same data? Or does all security have to be applied to the back end?

 

[Rick Brandt]

I have a database with a back-end and two different front-ends.
One front-end needs to be protected in such a way that all users can only
read tables, no edits or updates are allowed even via queries. Can this be
done without affecting the other front end which may read, update and delete
the same data? Or does all security have to be applied to the back end?

It depends on how much your users know about Access and whether you are
attempting to deter honest mistakes or prevent malicious hacking.

In the Read-Only front end you could delete all table links and replace them
with queries that use the IN clause to pull data from the remote tables. These
would have SQL like...

SELECT *
FROM TableName
IN 'Path to the DataFile.MDB';

Since these are queries you could then set the Recordset Type to Snapshot and
this would render them as Read-Only.

Your users of course could simply open the queries in design view and change the
RecordSet Type to Dynaset and then the data could be changed. They could also
open your back end file directly and change whatever they want. If these are
concerns of yours then you have to apply User Level Security to ALL of the
files. Even that can be easily broken by those who know how or know where to
get the tools.