Prevent access to directories

A search on this site shows that the solution to this question has been posted, but I cant access it. So I know it must be possible and Ill just re-ask it (since many of you will say its impossible).

I am making a security program for windows xp home. Basically, I just want the desktop to be available (therefore the user does not have access to any other part of the drive). I have prevented access to everything I needed, except I have one security flaw.
When the user opens a program (such as ms word) and clicks 'save' or 'open' they have access to the whole computer. If they were only able to browse the desktop and nothing else, my program would be complete.
Any suggestions?
I was able to disable the "Look in" combobox, but i do not know how to change it to the 'desktop' first. And it seems like microsoft word does not have the standard open and save dialog. so this method might not be such a great idea anyways (since the open dialog can differ from program to program).

If someone figures out a pretty flawless way to do this, let me know and ill increase the points to 500.

If nobody can think of a way to do this, should I just upgrade to windows xp pro? Will I be able to set up xp pro to do what I want (the only accessible directory would be the desktop)? (no points will be awarded to this last question about upgrading to xp pro, but if this happens to be the best solution, I just might give it the points)

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

i've been thinking about this issue too (for a few client on our network) cause i couldn't find the same the as you are looking for, i just set the localpolicy very strict and set NTFS rights on everything, so nothing can be deleted or modified by users.

I get this clases in a Open dialog (with Spy++): SysListView32, SysTreeView32
search (every 1s) for windows with this classes, get hwnd and set visible=False with SendMessage API
Try It...
createitAuthor Commented:
I played around with the NTFS rights, but theres a huge problem. When you restrict user access to the directories, not even the system has access to it. For example, if i restrict access to just "viewing" the windows directory, windows will not load for that user account. Or if I disable "viewing" rights to the program files folder, you wont even be able to run the programs in that directory. Is there a way to make it so that you just cannot view the contents of a folder, but still run everything within it? If so, that would be perfect and the points are yours.

I dont have any trouble detecting the open dialog box. I used a system hook to detect new classes that launch, and am able to detect what window is which by its classname, title, and childs.
I do not want to prevent the open dialog box from loading because people who use programs like word need to be able to open and save their documents. I just want to restrict this action to the desktop. Also I cant just hide the directory list, because you cant always control the default directory to be the 'desktop', and I will need a way to change it to that first.

Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

make your own open (save) dialog with restriction
when you detect a standard open dialog, hide standard and show your dialog
when user close your dialog, pass the path to standard and simulate open(or save)_Click
Just a idea. Not ask how, I don't know... :)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
createitAuthor Commented:
That might be a pretty good idea. I should easily be able to code that. I just hope theres some better methods, because I already thought of a few cons with this...but it should definately do the job.
If nobody else gives me a better idea, youll get at least half the points for sure.

Ill go code the idea up right now until i get more suggestions and see how it goes.

createitAuthor Commented:
I attempted to swap the open dialog box with mine, but there are many problems with that. I need to worry about the file types that can be opened, I need to worry about error handling if the user enters a file that the program cant open, the user will lose preview functionality, etc etc...It turned into a big mess.
I also played around with NTSF rights, and it just doesnt do what I want.

But I figured out a solution that does exactly what I want.. I will still split the points between the two of you for trying to help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic Classic

From novice to tech pro — start learning today.