Using Access database and security concerns

Nicolae Fieraru

Hi All,

I am working on a web site in ASP which will be hosted on a Windows 2003
server.

I use the following code to connect to the database:

' Jet/OLE DB connection to the Access file. Jet creates a .ldb lock file
' beside the .mdb, so the folder (not just the file) needs write access
' for the account the request runs as.
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRS1 = Server.CreateObject("ADODB.Recordset")
objConn.Provider = "Microsoft.Jet.OLEDB.4.0"
dbpath = "C:\WWW\dbfolder\database.mdb"
objConn.ConnectionString = "Data Source=" & dbpath
objConn.Open
' ... queries go here ...
objConn.Close
Set objConn = Nothing

The administrator of the server agrees to set the security for the database
to read/write by the internet user. He doesn't want to allow the root
folder for the database to have read and write permission for the internet
user. At present, when I open the database I can read it, but when I try to
insert or update records, it will fail if the root folder for the database
doesn't have write permission for the internet user, IUSR. As far as I know,
when the database is open, it has to create a lock file (.ldb) in the
same folder where the database resides. I can place the database outside the
internet folder if I need to. I asked the administrator to create a virtual
folder on that folder and now the internet users can't browse the database
folder or download it.
Do I need to set up a username and password on the Access database, is there
any point in doing that?
Please advise what is the best way of connecting to the database in order to
have maximum security and what settings I need to make in order to achieve
this.

Regards
Nicolae

Ray Costanzo [MVP]

> The administrator of the server agrees to set the security for the database
> to read/write by the internet user. He doesn't want to allow the root
> folder for the database to have read and write permission for the internet
> user. At present, when I open the database I can read it, but when I try to
> insert or update records, it will fail if the root folder for the database
> doesn't have write permission for the internet user, IUSR. As far as I know,
> when the database is open, it has to create a lock file (.ldb) in the
> same folder where the database resides.

You are correct. So, for this reason, as it seems you know, the IUSR
account needs permissions to modify the ~directory~ in which the mdb exists.
It seems to me that server guy isn't employed by a hosting company.

> I can place the database outside the
> internet folder if I need to.

I suggest placing the database wherever makes sense to you and whatever's
easiest for you. Just make sure that IIS will not allow anyone to download
the file. (Turn off read rights in IIS.)

> I asked the administrator to create a virtual
> folder on that folder and now the internet users can't browse the database
> folder or download it.
> Do I need to set up a username and password on the Access database, is there
> any point in doing that?

If someone is able to download your database, there are tools he can use to
get in. So, passwords in Access are generally meaningless. They're good in
a small office somewhere where you don't have any "computer-savvy" people.
But, in the scope of the entire world, it doesn't make a difference.

Ray at work

Nicolae Fieraru

Hi Ray, thank you very much for your reply.

The server administrator is a guy I used to work with, he is still with my
previous company.
I do web design by myself. The customer has chosen me to do the web design
and they chose my previous company for further advice. They advised them to
buy a server from them and now I have to work with them in order to set up
the web site I made.
He told me he can't give me write permission to the root folder of the
database folder, because that creates a security breach on the server (for
the security concerns he didn't give me ftp access either :) ). Now, the
customer listens only to what he says and if he says my web site is not
secure enough, I am in big trouble, because my customer has no technical
knowledge and they completely rely on what this guy tells them.
From what you say here, I understand that it is obligatory to allow
the internet user write permission for the database folder, right?
Is this safe enough, or can it create security problems? If that is the
case, is there a safer method which would keep my former colleague and
the customer happy?
I am asking you again because I just might send your reply to my
customer, in case the need arises.

Regards,
Nicolae

Bob Barrows [MVP]

<sigh>
Yes, if the database is in the root of the C: drive, then he's correct that
giving IUSR this access would be a security problem ...

However, nobody is suggesting that the database be in the root of the hard
drive are they? What possible harm can be done to the server if IUSR is
given read/write authority (NOT Full authority) to a subfolder on that hard
drive? The administrator needs to be encouraged to do some research.

If using Access, then there is no alternative: IUSR (and possibly IWAM) MUST
have read/write (aka Change or Modify depending on the OS) permissions for
the folder containing the database file. The only alternative is to switch
to using a server-based database such as SQL Server, or MySQL, or PostgreSQL.

Bob Barrows
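The permission setup that Bob describes above, and that the original question asks about, as an added PowerShell example (not code from anyone in this thread): grant the IIS anonymous account Modify rights on the database subfolder only, leave the parent folder alone, and then verify both. It assumes the Windows 2003 default anonymous account name IUSR_<machine>, and a database folder at C:\AppData\dbfolder, outside the web root, as the poster said he could arrange; both are placeholders for this example.

```powershell
# Added example (not from the thread): give the IIS anonymous user Modify on
# the Access database folder only, then check the parent folder is untouched.
# Assumed values: the anonymous account is IUSR_<machine> (IIS 6 default) and
# the .mdb lives under C:\AppData\dbfolder, outside the web root.
param(
    [string]$DbFolder = 'C:\AppData\dbfolder',      # assumed path
    [string]$IisUser  = "IUSR_$env:COMPUTERNAME"    # assumed account name
)

# Modify = read, write, delete: enough for Jet to create and remove the .ldb
# lock file next to the .mdb. Not FullControl, which would let the web
# worker rewrite the folder's own ACL.
$rights      = [System.Security.AccessControl.FileSystemRights]::Modify
$inherit     = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$propagation = [System.Security.AccessControl.PropagationFlags]::None
$allow       = [System.Security.AccessControl.AccessControlType]::Allow
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $IisUser, $rights, $inherit, $propagation, $allow)

$acl = Get-Acl -Path $DbFolder
$acl.SetAccessRule($rule)      # replaces any earlier Allow rule for this account
Set-Acl -Path $DbFolder -AclObject $acl

# Check 1: the parent folder must carry no entry for the IIS user at all,
# explicit or inherited. If it does, the rights came from higher up the tree.
$parent     = Split-Path -Path $DbFolder -Parent
$parentAces = (Get-Acl -Path $parent).Access |
    Where-Object { $_.IdentityReference -like "*\$IisUser" }
if ($parentAces) {
    Write-Warning "$IisUser has rights on $parent; review inheritance there"
}

# Check 2: the database folder should now list exactly Modify for the IIS
# user and nothing broader.
(Get-Acl -Path $DbFolder).Access |
    Where-Object { $_.IdentityReference -like "*\$IisUser" } |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited
```

Run it from an elevated prompt on the server; if the application pool runs out-of-process, repeat the grant for the IWAM_<machine> account as Bob notes. Folder rights on disk do not by themselves stop IIS from serving the .mdb, so keep the folder outside any web-mapped path or remove Read on it in IIS, as Ray suggests.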
 
