Today I worked on a client's system where the developer had disabled export from the menus. They needed the data out. I got called in to fix the problem but it turned out that nobody had the full access password, and the developer was overseas on holiday.
After spending some time working through password possibilities, it occurred to me that the export restrictions were caused by the disabling of the command in the menus. So I tried the backdoor approach, and it worked. This highlights the difference between securing the interface, and security at the record level.
My "back door" method took only a couple of minutes to complete.
1) Create a new database file.
2) Delete the table that is created by default.
3) Add an external data reference to the main database using the user-level account.
4) Add a TO of the external table.
5) Create a layout to display the external table TO.
And voila, the entire data set is available via an interface with full menus. That's because the security was provided by the original interface, yet we've simply by-passed it. It can be fixed by disabling the ability to export in the user account privileges in the original file.
FMP 11 adds additional security by optionally requiring a full access password to allow the file to be added as an external data source.
No comments:
Post a Comment