John,

a COM object could be run under another account than that of the user. The user has rights to create and access the COM object, but does not have the right to access the DBFs.

In remote control for example TS, you can have rights to access the application, but no other rights whatso ever. You´re not able to browse or open DBF files depending on how things are set up.

Walter,

>>- Security can be reached by using COM/DCOM/COM+/remote control/ layers which shields the database from the user.
>
>Walter,
>
>Given that this is an issue that usually comes up at every prospective client meeting/demo, I was wondering if you could please go into more detail on this point since I'm very curious about how you implement this. I think the key security aspect would be the data files sitting in a shared network directory and other users on the network having access to that shared data via ODBC or OLEDB. Would the VFP layers that you speak of successfully prohibit any user from making modifications to the data?
>
>Laterness,
>Jon