locked
Application access without user access to network folder with database? RRS feed

  • Question

  • The application I am working on (Windows Forms, C#, .NET, Visual Studio 2005) is installed on each user´s computer. The MS Access database that is common for all users is placed on a shared network folder. The users belong to a group with access to the folder. This works good.

     

    For security reasons I would not like the users to have the ability to copy the access database. Is there any way to give the application permision to the folder instead of the users, and by that avoid that users have the possibility to copy the database?

     

    In task manager, the processes have a User name. Could this be altered during development to a fake user name, an then let that fake user get permissions to the database folder?

     

    Best regards

    Emelie

    Tuesday, September 16, 2008 12:11 PM

Answers

  • The minimum access required to copy a file is read, so as long as the users have read access the file can be copied. File-based databases don't offer much security in this respect.

     

    The only other solution I can think off would be to have your application impersonate a user which is designated to have full permissions to the database folder. This way only your app would have access to the database (through this user) and all other users would have all permissions to this folder revoked.
    Tuesday, September 16, 2008 1:18 PM

All replies

  • The minimum access required to copy a file is read, so as long as the users have read access the file can be copied. File-based databases don't offer much security in this respect.

     

    The only other solution I can think off would be to have your application impersonate a user which is designated to have full permissions to the database folder. This way only your app would have access to the database (through this user) and all other users would have all permissions to this folder revoked.
    Tuesday, September 16, 2008 1:18 PM
  • Thank you!

    I have been searching for information on how I could have the application (C#) impersonate a user, but I did not succeed. Could someone please give me a link to where to find information about it, or describe it to me?

     

     

     

    Saturday, September 27, 2008 10:06 PM
  • Monday, September 29, 2008 6:47 PM