[Zope] restricting permissions for direct access only

Michael Shulman shulman at mathcamp.org
Sat Feb 11 02:42:26 EST 2006


Hi,

I am new to Zope, and so far I like it very much.  But I think I am
confused about how security works, or is supposed to work.
Specifically I want to know the following.

Is there a way in Zope to restrict permissions for direct access only
(i.e. calling an object through the web) but still allow indirect
access (i.e. executing an object that was called by another object
that was called through the web)?  I have many Zope scripts but most
of them are only auxiliary functions; only a few are designed to be
accessed by a user through a URL.  I don't want users to be able to
call my auxiliary scripts directly, only the ones that are designed to
be "published."  But changing the security settings on the auxiliary
scripts (e.g. removing "View" access from "Anonymous" role) prevents
anonymous users from executing them even indirectly, so the public
objects which depend on those auxiliary methods also stop working.

Feel free to tell me that I am misunderstanding the way security
works, or is supposed to work, in Zope, or that if this is something I
need to do I am designing my site incorrectly from the point of view
of Zope security (and if so, what is the correct way to design it?).

Thanks!!
Mike

