|It would be difficult to do.|
You would set a Program access only group and assign this user to it.
No share anywhere could use "everyone" or authenicated users.
You assign this program group to every share and set to deny.
Only the program share would be assigned with rights so that one user could access
Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's