Steve Alexander wrote: However... the zope security system could help with this. Here's an ill thought out idea for your consideration :-)
Have a function that takes two sets of permissions, and returns the intersection of these sets. Then, use some sort of local permissions combination to make the wiki page that's been edited have the resultant lowest-common-denominator permissions, even for the owner.
Correct me if I'm wrong, but wouldn't this have the same problem? Person of high access makes zwiki, person of low access adds evil function to it, person of high access views it - unless you're tracking "smallest set of privileges held by anyone editing this page" at all times, you're going to intersect owner with creator and still allow editor to trojan. Is that the essential problem, or should I be quiet and go away? (or both? ;) KevinL