NTFS permissions: run EXE but hide containing folder

Hello,

One of the companies I work for issues a laptop with their company
documents on it, only accessible via Internet Explorer installed on
the system. The paths to the links are viewable as C:\SomePath
\Company.pdf for example, but you cannot use Windows Explorer to view
any of the C: drive at all. Yet IE can access & run the file. Same
with some EXEs installed - they are there and runnable, but not
visible/accessible to the user. They do this so the laptop remains
secure, up-to-date and noone can "fiddle" with the documents and
programs stored on it.


I have a similar situation where I wish to protect a directory
containing some company documents and applications from prying eyes
on
a laptop distributed to an employee. I need to be able to launch
those applications and files (EXEs, PDFs etc) for use by the user
from
shortcuts that point to this hidden location, and those applications
should be able to write config files (.ini etc) back to their own
directories, but the files and programs themselves should never be
visible to the end user.


How can I achieve this under WinXP with NTFS file permissions? What
permissions do I set to hide the folder of programs and config files,
and what permissions must I set so that shortcuts to those programs
located elsewhere on the drive can run those programs without issue?


Thanks for your help.


FF