Some users will use the database as read-only and some will need to add, delete and update records.

Now, users that will be read-only on the database also have the read-only rights as windows permissions on the backend directory. What happens obviously is that the backend becomes read-only.
I thought using the access security thingy would counter that but it seems not.

So my question is, is it something I am doing wrong or is there really no other way ?

Thanks for any input.

Edit : Just for clarification, what I mean is when a read only users use the database, the users that should be able to add, delete or update database can't.

Access user level security is not going to change the permissions on the folder. ULS can control what your users can do.

I understood your question, it implies that ULS could somehow modify the permissions that you have set too stringently. You must set the folder permissions so that all users have add & edit permissions.