Ah, okay, I thought that's what you meant, but I hoped it wasn't.
The fact that you expect this to work is a bug in Zope's security machinery, IMHO, but sadly only IMHO it appears.
Huh? That's fundamental to Zope's security model.
As I said, I appear to be the only person who thinks differently. I don't believe it's fundamental to Zope's security policy myself, and I think Zope would be just fine and less suprising to those of us who value security if it all behaved like restrictedTraverse...
Well, you must be the only one who never had a need for security restrictions elsewhere than at the root of the site.
I understand the pros and cons, don't worry ;-)
-- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce