Windows File Shares?

Status
Not open for further replies.

diarmaid

Programmer
Jun 27, 2003
34
IE
I've been told that using "Windows file shares" to run an application/database access is bad from a security viewpoint. Can anyone say what the weakness is or what the alternative is?

The application is a native Visual Foxpro application with its own database (non-SQL), so users need full r/w access to the common SHARED folder on the server ...
 
Most likely the application requires the presence of a root drive in order to run, e.g. M:app.dbf (for instance) as opposed to running from F:\dir1\subdir1\sub2\app\app.dbf. Since the application is non-SQL as you have indicated, you would definitely need r/w access in order to update it. Any other constraints would have to be applied from within the db application.
In terms of security you should limit the share's access to users of the application (even if it's everyone -- create a separate group for it).
HTH
 
That's a major problem with using something like FoxPro or Access. Those products are not really suitable for critical applications in an "enterprise" environment. Your users MUST have read/write access to the share for your users to be allowed to update the data. That's why you need a database product designed for a multi-user/network environment. As stated by itsp1965, the "best" you can do, if you can't migrate to MySQL, SQL Server, Oracle or something, is to control access through Windows user groups and hope none of your authorized users do something like accidentally delete your dbf file. Another big problem we have encountered with similar MS Access "databases" is users trying to create shortcuts to the original database but instead making copies of the database on their local machine. You then end up with multiple copies of the db scattered around the office being updated by different users, and you don't notice it until somebody figures out that data is missing from the master copy. You then spend a few days ferreting out the duplicate copies and trying to clean up the data.

I haven't seen FoxPro in a long time, but if it's anything like MS Access, and if you have the source code for your FoxPro database, it's not too hard to modify your application to serve as a "front end" application and "connect" the application to a "back end" SQL server database of some kind. Then you give your users read access to the application share and you don't need a share for your data, you just connect to it from inside your application.

The bottom line from a security standpoint is that in order for your users to use the application they have to be granted a level of access to the share that would also enable them to cause a lot of problems, and there's not really any way around it that I know of.
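
Added example (not posted by any participant in this thread): one way to apply the two suggestions above on a current Windows server, with a dedicated group that gets read/write on the data folder and read-only on the application folder. The group name, share names and paths are hypothetical; in a domain, use a domain group instead of a local one.

```powershell
# Added example; group name, share names and paths are hypothetical placeholders.
#Requires -RunAsAdministrator
$group    = 'FoxAppUsers'              # dedicated group for users of the application
$dataPath = 'D:\Shares\FoxApp\Data'    # folder holding the .dbf files (needs r/w)
$appPath  = 'D:\Shares\FoxApp\Bin'     # folder holding the executable (read-only)

function Set-RestrictedAcl {
    param(
        [string]$Path,
        [string]$Group,
        [System.Security.AccessControl.FileSystemRights]$Rights
    )
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $none    = [System.Security.AccessControl.PropagationFlags]::None
    $allow   = [System.Security.AccessControl.AccessControlType]::Allow
    $full    = [System.Security.AccessControl.FileSystemRights]::FullControl

    $acl = Get-Acl -Path $Path
    # Stop inheriting from the parent and discard inherited entries (Users, Everyone, ...).
    $acl.SetAccessRuleProtection($true, $false)
    # Drop explicit entries left over from earlier configuration.
    foreach ($old in @($acl.Access | Where-Object { -not $_.IsInherited })) {
        [void]$acl.RemoveAccessRule($old)
    }
    # Administrators and SYSTEM keep full control; the application group gets only $Rights.
    $entries = @(
        @{ Id = 'BUILTIN\Administrators'; Rights = $full },
        @{ Id = 'NT AUTHORITY\SYSTEM';    Rights = $full },
        @{ Id = $Group;                   Rights = $Rights }
    )
    foreach ($e in $entries) {
        $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
            $e.Id, $e.Rights, $inherit, $none, $allow)
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $Path -AclObject $acl
}

if (-not (Get-LocalGroup -Name $group -ErrorAction SilentlyContinue)) {
    New-LocalGroup -Name $group -Description 'Users of the FoxPro application' | Out-Null
}
New-Item -ItemType Directory -Path $dataPath, $appPath -Force | Out-Null

# NTFS permissions: Modify on the data, ReadAndExecute on the program files.
Set-RestrictedAcl -Path $dataPath -Group $group -Rights Modify
Set-RestrictedAcl -Path $appPath  -Group $group -Rights ReadAndExecute

# Share permissions mirror the NTFS permissions; nobody outside the group is listed.
New-SmbShare -Name 'FoxData' -Path $dataPath -ChangeAccess $group -FullAccess 'BUILTIN\Administrators'
New-SmbShare -Name 'FoxApp'  -Path $appPath  -ReadAccess   $group -FullAccess 'BUILTIN\Administrators'
Get-SmbShareAccess -Name 'FoxData', 'FoxApp'
```

Modify still includes the right to delete, so group members can remove or overwrite the .dbf files; the configuration only narrows who has that ability.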

 
Thanks people for the pointers!
It seems to me that SQL in some form is the way to proceed ...
 