I had a question for the group. I am concerned that a remote user can attempt to run things in the Control_Panel area. ---------------------------------------------------------------------------- - Example (1) An example is with Yihaw. I can run the following URL on a Zope system for an installed product. http://localhost:8080/Control_Panel/Products/YihawDirectory/YihawChannel_add I Receive, Zope Error, Error Type: KeyError, Error Value: title (edited for brevity). Even though I got an error, I got some information about the system. Is this not the beginning of a security problem? ---------------------------------------------------------------------------- - Example (2) With ZWiki I can do the following: http://localhost:8080/Control_Panel/Products/ZWiki/basic-0.9.5/FrontPage I get a full page for a site that doesn't exist. ---------------------------------------------------------------------------- - In some instances (such as http://localhost:8080/Control_Panel) I get a request to log into the administrative portion. Good! Should I not always be required to log in? Is this an issue with Yihaw? An issue with my permissions? Thank you! Greg Moore