2 Replies Latest reply on Jul 28, 2013 6:50 PM by carojo

    Restricting External File Access issue

    carojo

      Hi

       

      I have developed a FM12 solutions that another FileMaker dataabse needs to access.Done plenty of multi-file solutions in the past but the issue here is that the second file has been developed by an inexperienced user and the security of it is not under my control - for example all current accounts in this second file have been given full access privileges!

       

      After some investigation I had hoped there may be away to allow this - essentially creating the same account names in my solution but with restricted access through privilege sets (which works fine when the user opens my file to access a related record) - but I'm now having my doubts. I followed the steps suggested in the FileMaker Training Series - but I find while they identify the security issue (p8-7)

       

      A user who has access to the data in your file through an external file reference will still be bound by the restrictions of their privilege set (thus unable to view or edit data that is outside of their privilege set), but they could create a layout in the external file showing the raw data of your FileMaker Pro file.

       

      Enabling the "Require full access privileges to create references to this file." under File Access on my file does not behave as suggested:

       

      You have now locked access to your file. Only someone with full access privileges in both an external file and this file can create external table occurrences from this file in other files. Users with lower privileges will not be able to create references to this file, but will be able to use any table occurrences based on references to that file that already exist.

       

      Presumably becuse my file has authorised access from the second file the above does not hold true - ie a test user account with full access to second file and restricted access to mine can still "create a layout in the external file showing the raw data" from my database.

       

      If I deauthorise this file's access then I find the statement that they "will be able to use any table occurrences based on references to that file that already exist" does not hold true (instead they are prompted to enter full admin login to my file).

       

      I'm not sure if I'm missing something here or if this area of security is problematic (seems possible from browsing a few other posts here).

       

      I guess I have the option of locking down security at the field level and running scripts with full access privileges but it's not my preferred solution.

       

      Any other ideas or feedback?

       

      Thanks

      Caroline

        • 1. Re: Restricting External File Access issue
          RubenVanDenBoogaard

          Hi Caroline,

           

          Yes, if the starter file has unlimited access to account John and your solution had restricted access to account John, it is possible to create table occurrences in the starter file for your solution and access the fields (you can limit the access of the fields, but that could harm your solution)

           

          An easier solution is to give the account John no access to your fields, and make a different account John1 with normal access to your file.

          Then use a starting script to relogin a user John into the John1 account to be able to work with your solution. Since the users don't have the John1 credentials

          they can not access your fields from the starter file.

           

          Hope that helps,

           

          Best regards,

           

          Ruben van den Boogaard

          Infomatics Software

          ruben@infomatics.nl

          • 2. Re: Restricting External File Access issue
            carojo

            Hi Ruben

             

            Thanks for the prompt response - I've been playing around with your suggestion and it seems this should work for me. In fact setting up an account with the same login with Read Only access to my database seems to avoid the security issues I'd previously encountered whislt still enabling the required info to be viewed in the unsecured database. Then I can use re-login with a hidden account if the user needs to open my database to make updates there as you suggested.

             

            Thanks again - your help has been a real time saver for me.

             

            All the best

            Caroline