Is there a way to configure Base so that an Admin (super-user) has full access (edit, create tables, etc.), but regular users can only enter DATA in forms and run / view reports???
You can place passwords on macros. You can hide the main startup and start the user process with a form. You can create standalone forms using Switchboard - click here. But in all actuality, except for the macros, there is no 100% guarantee to completely shut out users from the application.
If you want a more secure alternative, I think the best is to use LO Base as a front end to something like MariaDB, MySQL, PostgreSLQ, etc. Possibly also a split HSQLDB data base.
In other words don’t use the Embedded database (HSQLDB) which can only be made as secure as the entire *.ldb file is secure.
These other alternatives have lots of security built in, and fine tuning is possible, e.g. by user and table, etc.
The user will need to authenticate (with username + password) when connecting (starting up the application) using these methods.
!! Keep in mind that there is nothing that is really secure. There are only degrees of confidence. If someone who is talented and resourceful, and perhaps even federal wants to get at what you have they probably can, one way or another. But you can make it hard for them. And you can limit what you have to protect, so that it’s not worth their trouble. Security is almost always relative rather than absolute. If someone else has a bigger prize to steal, and it’s easier to get into their stuff, then the black hats will PROBABLY (statistically) spend their time on getting that thing, and leave your more minor and hard to get to stuff alone. But if you put a big shiny lock on nothing, that may also attract attacks. my 2c.