>Hi,
>
>I think almost every application has a configuration file that stores settings like application folder name, database folder name, and some other configuration settings. Currently I have them in a DBF table. Even though only user with certain permission privilege can access and change the setting - from within the application - anybody who knows how to use VFP can open this table and make a change. I want to change this table from DBF to an XML. Still the application access to the settings in this XML will be controlled by Admin password. But naturally anybody who knows how to use a Notepad will be able to open and make the change in this file. Mainly I want to give users ability to make the change without my assistance (if the person with admin password left or forgot his/her password). Do you think that having "unprotected" configuration file - XML - is a bad or good approach?
>TIA for any suggestions.
You are probably more secure using a DBF file rather than XML. At least with DBF the casual user is somewhat limited in tools that will allow him to open and edit the settings.
Make sure the your config file is readonly for anyone other than administrators (using windows permissions).
____________________________________
Don't Tread on Me
Overthrow the federal government NOW!
____________________________________