(Linux RedHat 9 Enterprise, with Windows 2000/XP workstations...)
Our client has an access database "MH" that we wish to isolate and treat as an "application" . To do so, this is my plan:
Create an "/home/MHDB" directory, make it a SAMBA share
Create a Linux user group called "MHDBUsers"
chown the MHDB directory as "root:MHDBUsers"
Place the access database file(s) in the "MHDB" directory
My question is, what kind of SAMBA or Linux file permissions can I set on the MHDB directory that would prevent users from being able to place just any file they want in that directory, or deleting the database file(s) that will be used there? Is that simply impossible? Do they need full 770 permissions to the directory in order to open and use the access database?
The goal is twofold:
1. To keep the directory as "clean" as possible... by not allowing users to put other files there other than what's already been placed there by me. If they browse the server, and can get into that folder, they should only be able to "run" the database file... not put new files in there or delete what's there. (I assume that there will be a need to allow creation of the ".ldb" files that MS uses to "lock" the DB, so I'm not sure quite how this would work.)
2. To allow only specified users to run the database, without using permissions within the database application (MSAccess) itself.
Looking for some "best practice" advice... treat the MSAccess db as you might consider any other "shared application", and let me know what YOU might do!
Thanks once again. These forum are an incredibly valuable resource, and everyone that's ever responded to my questions has been SUPER. You are all very much appreciated!