The user will get the permission to read and can still copy the data. You can move the data to SQL Server or put all data access into a COM+ component that uses impersonation to access the data on the server as a different user.

>My client has fears that one of his users might download the executable and data folder onto a CD, and take off with it (for sale to a competitor). I have thought of the startup portion of the executable secretly checking for a hidden text file on a separate computer on his local network (continuing only if it exists). This could stops program usage against his data, but the raw data would still be available.
>
>My next thought was to limit user access to the data folder through share permissions. In this case permission to read would only be given to the program … not to any human user other than the administrator. (The administrator is the boss.) Can this be done? Would the data really be inaccessible to all but the program? What steps would be required in the VFP application to get this approach working? etc. etc.
>
>And of course ... how about a totally different approach.
>
>Bob