Simple question about ActiveX and IE

[Jonathan Mole <jonathan () ukexplorer com>]

This is probably a very simple question, with a very simple answer.
I am running windows 2000 with all the latest service patches. We have
written an interface for Internet terminals (based on the IE6 libraries), we
need to allow ActiveX and ActiveX downloading, as the users could be going
to any page on the web. 
My boss is sure that there is a way to allow ActiveX, but to allow it
absolutely no access to other files on the system? Could somebody tell me if
this is true or not, and if so, what group policies/registry settings do I
need to change. I have always believed that there was no sandbox for ActiveX
controls, Remember seeing one that checks for various files on your system.
The main problem we have is due to Porn Dialers. Once the ActiveX control
has run, they add a new connection to dialup networking.

Thanks in advance,
                 Jonathan Molando