Hi there, I'm slightly confused by a class I have: class X(Persistent, Acquisition.Explicit): This class has no __roles__, no __ac_permissions__, no nothing... Instances of this class are stored within a special folderish class, Y. This folderish class has a __bobo_traverse__ which returns X objects, wrapped in context, from it's self._xs BTree using something along the lines of: def __bobo_traverse__(self, REQUEST, name): ob = getattr(self, name, _marker) if ob == _marker: ob = return self._xs[name].__of__(self) Now, it appears no methods or other attributes of this class are protected by the security machinery, even though the instances involved are wrapped. The DocString stuff still applies but, once a method has a docstring, any anonymous user who can traverse to one of these objects, can execute any method (attributes whinge about a missing docstring, how bizarre, attepting to traverse to __init__ complains the method starts with a _ ;-) of that instance which is more than a little disturbing ;-) I thought Zope's security policy had changed to be disallow by default, but that really doesn't seem to be the case here :-S What am I missing out on? Is there some mixin class I need or something I need to acquire to make the security machinery check these objects? confusedly and worriedly, Chris