Open MS Access with OLEDB connection string and not have access create the .ldb lock file

Question

I have a program in C# that uses an MS Access database and I'm using OleDb to connect and do queries on that database. My issue is that I have some sensitive info in the database and I don't want it to appear as an Access DB. I changed the extension, but when I open it it still creates the .ldb lock file used by Access. I want to have the DB not create that lock file.

I have read many posts on the issue and it sounds like if I open the DB in Exclusive mode, it will not create that .ldb file. However, so far I have not found any connection string for OleDb that lets me specify Exclusive access to the DB. The OleDbConnection object in C# has no "Mode" member either, so setting exclusive access that way is out of the question.

If anyone has any connection strings that can open the DB in Exclusive mode, or if anyone knows another way to avoid creating the .ldb lock file in Access, the help would be much appreciated.

Thanks.

Answer 1

http://www.connectionstrings.com/access has an entry for Ecxlusive mode.

Answer 2

I would recommend using SQLite or another non-access option if you want to avoid lock files.

Trying to avoid the lock files is difficult at best. Even if you open the file in exclusive mode, JET creates these files at times.

If you're trying to store sensitive data, and you want to "hide" the type of file, another good option is VistaDB. It's a single file database, but allows full DB encryption. This would probably be a better approach than just trying to mask the fact you're using JET.

Answer 3

I have several databases with the Exclusive flag set, and I still get .ldb files created each time I open one. If you are really worried about security it's time to move to a 'grown-up' database.

Answer 4

You can't really hide that it's an Access database. Anyone can open the file in a hex editor (or even just notepad) and see a string like "Standard Jet DB" (Office 2000/XP/2003) or "Standard ACE DB" (Office 2007) staring right at them. Even if they don't know what that means Google will tell them soon enough. You use could a less-common database, but they will have similar weaknesses.

If you really want security, you're going to have to encrypt the database file and use an engine that will let you keep a decrypted version in memory (IIRC sqlite supports this, or will soon) or use an engine that supports encryption natively. Even then, you can have problems if the ram is paged to disc or if another process "sniffs" your app's ram.

---

A late update, but my attention was drawn back here today and I wanted to add that just about anything but Access will require you to distribute the engine with the application. You need to also take care that the files for the engine don't give it away as well. Access gets a pass because the engine is already part of windows. You might also try something that's open source, so you can re-compile it into your main application file.

Answer 5

Install SQL Server 2008 Express, use upsize wizard in Access, point to your Express instance.

Answer 6

You could also potentially use Sql Server Compact to do this. It is free and part of Visual Studio. It is actively used by Microsoft in quite a few products, including Windows Live.