I have not thoroughly tested this, but I have done it twice to make sure I could reproduce the error I saw in the specific circumstances I saw it. I suspect the bug is generic, but don't have the time to prove it right now. My setup: INSTANCE_HOME style setup. Zpatterns installed in 2.3.0 tree EMarket installed in the instance products folder. RedHat Linux 5.2 (I think, how do you tell on a linux system?) python from RPMs, zope 2.3.0 from source install (wo_pcgi). I upgraded an existing site by simply changing my zopectl (see my product) PYTHONHOME setting to the 2.3.0 tree, shutting down the site (which had been running 2.2.4), and restarting. Now, at this point I did not understand how inituser was supposed to work, so I had copied my old access file to be my inituser file, thinking the name had changed but the semantics were similar. Imagine my surprise when the inituser file dissapeared when I started zope <grin>. The problem is that the inituser *replaced* the single existing user in the acl_users folder. This must be a bug. --RDM PS: I also was amazed to find that having ZDebug (without Chris' patch) in my Products folder left my site *wide* open: anonymous could view and edit methods. This might be worth a warning on the web site, even though it is unlikely anyone would run production with ZDebug installed.