>>Sorry Lutz, but I do not think you do understand how VFP works in this respect. EXECSCRIPT() does not hide public variables or loaded objects or forms. You still can access and use them. Classes that are already loaded into memory can be instantiated with CREATEOJECT(), you can dump memory and analyze what variables have been set and used.
>>
>>Just an execscript() or a calling a PRG from outside does not give you any protection on accessing resources from inside the executable. There are many, many ways to get at everything in the executable itself.
>
>Sorry Walter, it's to late today. I can not follow you. I have said not a bit other then your last statement, so I do not understand what you are refering to.
>
>Can we agree that a function like the one mentioned opens an extra door? And that one has to know what one is doing and at least to think about side effects?

Its an extra door to what is already open. if you need an external prg to do whatever..., it will mean that the PRG is able to get access to the resources anyway, whether or not through something like a DoCmd function in the executable.

So if you're using external PRGs the DoCmd function is not going to open extra doors that were not already open anyways. If someone wants to do something bad they don't need that extra door. Closing down the DoCMD is doing absolutely nothing to security or protection of your code.

Walter,