> > Basically, if a user with manager privileges to a folder changes > > their > > password to be empty, then anyone (from permitted domains) > can access the > > management screen for that folder Without Logging On... > Zope assumes that > > you are the user without the password and treats you as if > you have those > > rights. > > This is a feature, but I don't know if or where it is > documented besides > the source code (which is a bug if it isn't I guess). You're right - it is a feature. You are also right that it isn't documented anywhere that I can find :( I would suggest adding this to the Collector (as a 'Documentation Request'). Brian Lloyd [EMAIL PROTECTED] Software Engineer 540.371.6909 Digital Creations http://www.digicool.com _______________________________________________ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )