I am trying to acquire the functionality of SimpleItem and the new Zope 2.2+ security model (methods are private by default) in a single class. Thus I subclass SimpleItem and override __allow_access_to_unprotected_subobjects__ as follows: class subclass(SimpleItem): __allow_access_to_unprotected_subobjects__=None __ac_permissions__=( ('View', ['index_html'], ('Anonymous',))) private = HTMLFile('filename', globals()) . . . I would expect that the 'private' method would no longer be viewable via the web. But it is. Am I missing the obvious here? Mark Postal _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )