alcsy - good questions. Let me take a stab:
1. publish accde - this isn't supported. You can restrict using permissions users ability to modify and create new objects. We have a blog post on this topic nearly done.
2. Client verses web objects. If you want to sue VBA--use client objects. You can mix client and web objects if it makes some sense for your app to have a web interface.
3. There aren't any hard limitations for frontend users. We test 600+ users regularly.
4. There is a throttle for limit of records in the list for data that is stored in SharePoint. I think it defaults to 500,000 but don't remember for user. I strongly recommend prototyping your app against real data sets with real queries to get a sense of performance. It is nearly impossible to generalize perf characteristics because so much of it relies on the design of the app and types of queries you are using. We sort of think of most apps falling well under the 100,000 record range.
5. FE/BE for web apps. i would expect this to work fine.
6. SharePoint has a pretty robust model for security permissions on lists and items. You can do most anything outside of column level permissions. We don't make it easy to get to list and item level permissions but they are available if you work hard enough. Permissions are always enforced when you sync back regardless of what you do while offline. For example, if you update a list offline that you don't have permissions--SharePoint will block the update.
7. You can do it wiht data macros. I have a blog post nearly done on the topic. Expect it in the next couple of days.
8. yes. TEst performance characteristics of the types of queries you expect to write before moving too far.
I will see if we can hook you up with accesshosting folks. Watch your email.
Thanks for the questions.