Currently, unauthenticated users have view permission by default. I'm inclined to change this so that Unauthenticated users don't have any permissions by default. Any objections? Jim -- Jim Fulton mailto:jim at zope.com Python Powered! CTO (540) 361-1714 http://www.python.org Zope Corporation http://www.zope.com http://www.zope.org