About Microsoft Jet Expression Service sandbox mode

Microsoft Office Access 2003

previous page next page

Show All Show All

About Microsoft Jet Expression Service sandbox mode

Microsoft Office Access 2003 uses the Microsoft Jet Expression Service to evaluate expressions. The Jet Expression Service can be configured to run in sandbox mode. Sandbox mode is a mode of operaton where only safe expressions can be evaluated.

About unsafe expressions

Unsafe expressions contain functions that could be exploited by malicious users to access drives, files, or other resources for which they do not have authorization. If malicious users have access to these resources, then they may be able to perform actions such as deleting all of the files from a folder, tying up a network resource, or modifying a file.

To make your Access databases (MDBs) and projects (ADPs) more resistant to malicious attacks, you should enable sandbox mode. Sandbox mode allows Access to be fully functional while blocking unsafe expressions.

Functions that are blocked in sandbox mode

The following functions are blocked when the Jet Expression Service is configured to run in sandbox mode. the functions cannot be used in expressions, but they can be utilized in Visual Basic for Applications (VBA) code.

ShowBlocked functions located in the Visual Basic for Applications (VBA) object library

Function Name
AppActivate
Beep
Calendar
CallByName
ChDir
ChDrive
Command
Command$
CreateObject
CurDir
CurDir$
DeleteSetting
DoEvents
Environ
Environ$
EOF
Err
FileAttr
FileCopy
FileDateTime
FileLen
FreeFile
GetAllSettings
GetAttr
GetObject
GetSetting
Input
Input$
InputB
InputB$
Kill
Load
Loc
LOF
Randomize
Reset
SaveSetting
Seek
SendKeys
SetAttr
Shell
Spc
Tab
Unload
UserForms
Width

ShowBlocked functions and properties in the Microsoft Access object library

Object Blocked Function/Property
Application AddAutoCorrect
Application AddToFavorites
Application ADOConnectString
Application AnswerWizard
Application Application
Application Assistant
Application AutoCorrect
Application BeginUndoable
Application CloseCurrentDatabase
Application CodeContextObject
Application CodeDb
Application COMAddIns
Application CommandBars
Application CompactRepair
Application ConvertAccessProject
Application CreateAccessProject
Application CreateAdditionalData
Application CreateControl
Application CreateControlEx
Application CreateDataAccessPage
Application CreateForm
Application CreateGroupLevel
Application CreateNewWorkgroupFile
Application CreateReport
Application CreateReportControl
Application CreateReportControlEx
Application CurrentDb
Application DataAccessPages
Application DBEngine
Application DDEExecute
Application DDEInitiate
Application DDEPoke
Application DDERequest
Application DDETerminate
Application DDETerminateAll
Application DefaultWebOptions
Application DefaultWorkspaceClone
Application DelAutoCorrect
Application DeleteControl
Application DeleteReportControl
Application DoCmd
Application Echo
Application ExportXML
Application FeatureInstall
Application FileDialog
Application FileSearch
Application FollowHyperlink
Application GetHiddenAttribute
Application ImportXML
Application InsertText
Application LanguageSettings
Application LoadFromText
Application LoadPicture
Application Modules
Application NewAccessProject
Application NewCurrentDatabase
Application NewFileTaskPane
Application OpenAccessProject
Application OpenCurrentDatabase
Application Parent
Application ProductCode
Application Quit
Application References
Application RefreshDatabaseWindow
Application RefreshTitleBar
Application ReloadAddIns
Application ReplaceModule
Application RunCommand
Application SaveAsText
Application SetDefaultWorkgroupFile
Application SetHiddenAttribute
Application SetOption
Application SetUndoRecording
Application SysCmd
Application TransformXML
Application VBE
BoundObjectFrame Object
Combobox Recordset
Control Object
CurrentProject AccessConnection
CurrentProject BaseConnectionString
CurrentProject CloseConnection
CurrentProject Connection
CurrentProject OpenConnection
CustomControl Object
Form Dynaset
Form Recordset
Form RecordsetClone
Hyperlink AddToFavorites
Hyperlink CreateNewDocument
Hyperlink Follow
ListBox Recordset
ObjectFrame Object
Report Recordset
SmartTagAction Execute
Screen ActiveDataAccessPage

How to enable sandbox mode

Follow these steps to enable sandbox mode:

  1. On the Tools menu, point to Macro, and then click Security.
  2. Click the Security Level tab, and then click Medium or High.
  3. Click OK.
  4. Restart Access.

Note  Enabling the sandbox mode setting applies to all users of the computer.

When are unsafe expressions blocked?

These functions are blocked only when used in expressions such as for a default value, a control source, or in a SQL statement. These functions are not blocked for use in VBA code.

How to use a blocked function in an expression

You can utilize a blocked function in an expression by wrapping the function in a public VBA function. For example, you can create the following VBA function in order to use the blocked CurDir function:

      
Public Function MyCurDir() As String

    MyCurDir = CurDir()

End Function

You would call the MyCurDir() function in your expression instead of calling the CurDir() function.

How to disable sandbox mode

Follow these steps to disable sandbox mode:

  1. On the Tools menu, point to Macro, and then click Security.
  2. Click the Security Level tab, and then click Low.
  3. Click OK.
  4. Restart Access.

Note  At this security level, macros are always enabled when you open files.

Note  Disabling the sandbox mode setting applies to all users of the computer.

previous page start next page