Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

EXCEL spreadsheet to INFORMIX through ODBC

6 views
Skip to first unread message

N

unread,
Jun 20, 2003, 6:59:02 PM6/20/03
to
Hi all,
I set up an Excel spreadsheet to our production database
through ODBC driver to get a report. Everything was working
fine, and life was good until I found a little problem with the
SQL tool in Excel. Normally, to get a report Excel will write
a select statement according to criterias that the users input/
choose. It also allows anyone to Edit the select statement it
writes in a little box. What I did was changing that select
statement to delete/update statement. And it ran. What
surprised me was that it actually ran the statement against
the database and delete/update tables accordingly. This is
not what we want. I have not been able to find any options
to turn this thing off so that the user cannot edit the generated
select SQL. I know all the permissions the user has are
defined through the username that is defined in ODBC.
We don't want to change all the user permissions on the
database side. Is there any other way ?

MS Excel 2000
IDS 9.30 UC1
Dynix/ptx V4.5.3

Thanks
N.


Paul Watson

unread,
Jun 21, 2003, 3:52:40 AM6/21/03
to
AFAIK you need to revoke update/delete permissions for the ODBC user.

Bottom line, if the user has odbc access to your database then
they can submit any valid SQL statement, it is up to the
DBA to prevent the engine from allowing it to execute.

--
Paul Watson #
Oninit Ltd # Growing old is mandatory
Tel: +44 1436 672201 # Growing up is optional
Fax: +44 1436 678693 #
Mob: +44 7818 003457 #
www.oninit.com #

Netrista Khatam

unread,
Jun 23, 2003, 10:35:02 AM6/23/03
to

Hello N.,
What ODBC drivers are you using? Native? I know that my own company's drivers implement a variety of features, which are designed to prevent unauthorized database updates. They range from simple read-only check boxes on the client to advanced server-side security rules. Quite possibly, your driver may have such features?
Netrista Khatam
Technical Services Manager
OpenLink Software
Universal Data Access & Virtual Database Technology Providers
http://www.openlinksw.com

Kingsley Idehen

unread,
Jul 2, 2003, 1:54:37 AM7/2/03
to
"N" <N...@N.COM> wrote in message news:<WkMIa.917$Wl1...@newssvr19.news.prodigy.com>...

Your problem is only resolved by using a driver that enables you to
configure conditional behavior (OpenLink Software provides Multi-Tier
ODBC Drivers with this capability). In this case the Driver could be
configured to ensure that if Excel is the ODBC client all ODBC
connections will be read-only. You can even be more granular, and
have the driver actually permit specific users to have read-write
capabilities from Excel depending on the rules that you set.

You can download these drivers on a free evaluation basis from:
http://www.openlinksw.com


Regards,
Kingsley Idehen
OpenLink Software
http://www.openlinksw.com/blog/~kidehen

0 new messages