[p4] Security question: super-limited account ?

[Steven Bougon]

Hi guys,
 
we are being asked to provide a perforce account for a external user (so
he can syncs
some files and apply them to their instance), but we feel really weird
security-wise and
perforce-wise, to give access to an external guy
The external guy would have a vpn access on one box, quite isolated (I
don't have too 
much info on that for now).
 
Anyway, I can restrict the guy view and make sure thru the protect table
that he can 
only read a very restricted part of the tree, but, to my understanding,
he could still
do a bunch of things:
- p4 users (and get the names of the users)
- p4 labels (and get some good information on how far we are on our
release)
- p4 filelog (and get who did what)
- etc ...
 
Am I right or does perforce provide a way to super-restrict the access
for a user ?
 
Thanks,
Steven