In article <3201i.6866$eY1.1099@newsfe2-win.ntli.net>, Zoe Brown wrote:
> >> I have a client who wants to be able to restrict access to a PDF file to
> >> a specific user.
I think you're right. You don't need to put them in the root, just "above" the
html directory. Then you can validate your user & give 'em the file, or not.