Working with Zope 2.2.1 (in two distinct servers), I noticed the following behaviour with (0.1.7) Python methods (created under Manager role): 1. Apparently anyone (non-authenticated users) can successfully run the methods even if these include operations (folder/file/user creation, etc.) for which the invoking user has no permission. 2. Although I am able to give Python methods the proxy role of Manager, I can not give them other proxy roles, roles which I also have and am able to give to DTML methods, for instance (anyway, problem 1 makes privileged proxy roles superfluous... :) ). Has anyone fixed this (while we wait for the new shiny Python methods)? Best regards & thanks in advance J Esteves -- jmce: +351 919838775 ~ http://artenumerica.com/ ~ http://artenumerica.org/ _______________________________________________ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )