Access 97 was the last version where you could secure individual modules
using User Level Security. In all later versions, you can only supply a
"project password", which stops the user viewing or changing the code in
all< modules. So it is now an "all or nothing" thing.
Of course, you can still convert your db to an MDE, in which the user can
not possibly see or alter any source code in any form, class or standard
modules.
