Greetings,

Is it possible to do this under Windows 2000? What would be the techinque?

Thanks,

Greg

>xp does NOT allow to run OS shell from vfp appl running under
>different credentials.
>
>this is THE ONLY WAY to implement security in vfp.
>
>dbc EVENTS and encrypting DO NOT PREVENT opening the files with hex editor or
>simply deleting or overwriting the files with previous versions:
>it is easy to make backup, print fake invoice, receive money, then restore from backup. There is not any signs remaining that invoice is
>printed!
>
>Runnig with different credentials is the only way.
>
>>With VFP you are basically stuck with security for idiots... anyone with half a brain and the intent can do you harm.
>>
>>I like the idea of changing users rights when the launch your VFP app. I'm not positive but I think it's possible for the user to gain some of those rights at the OS level once you have launched your VFP app and the users credentials are verified. Does the security in XP completely issolate the security credentials in the process or would it be possible for a user to minimize the VFP app and still have access to the same resources?
>>
>>It's also important to not just worry about hiding data, but protecting it from tampering and simple replace all (field) with "ZZZZZZZZ" type attacks. This is why encrypting/decrypting does little to protect you from destructive attacks.
>>
>>If security is a true concern for your organization, then I would also suggest looking to another database backend.
>>
>>Also if something bad really does happen the security experts out there will lamb baste you for using VFP when security was an important concern.
>>
>>
>>Greg
>>>>The smart a*s answer is, use SQL Server (or other *real* database management tool to store the data) and use VFP for the client side software. Otherwise you are limited by network security for protecting the DBF files ... I did this with a payroll module in an application but it was not very pretty. I was able to prevent some users from seeing the directory in which the files resided. Unfortunately, once the user was granted access to the payroll application they got access to the DBF's as well.
>>>>
>>>>You have just described one of the major drawbacks with DBMS like VFP.
>>>>
>>>>Just my 2c ... I'm sure others will have better responses.
>>>
>>>You can create special user which has acces to your data directory
>>>and in XP select
>>>
>>>[v] Run with different credentials
>>>
>>>checkbox
>>>
>>>to run your application.
>>>
>>>After application finishes, user is logged off. Directory containing dbf files is automatically disconnected. So data can be accessed only by your application.