>Hello,
>
>I have developed a C/S app that uses views almost exclusively. The only problem I see that is anyone who has VFP and can log into the SQL*server database (or Oracle) can do anything they want with the data (based on backend security of course).
>
>The issue I have is that while in the program we restrict the user's access to certain items, but through the back door the program restrictions are turned off.
>
>Not a showstopper yet -- but it could be one day -- any ideas?
>
>kevin

Kevin,

Take a look at SQL Server 7.0 Application Roles. They are specifically designed to do what you are looking for. I don't know if there is an equivalent in Oracle.