This notice only applies to developers who are following the bleeding edge of Zope, the CVS trunk. It does not apply if you downloaded Zope from a web site. We're about to check in to the trunk the unified restricted code implementation which is currently on the RestrictedPython branch. The documentation and rationale can be found here: http://dev.zope.org/Wikis/DevSite/Projects/SupportPython21/RestrictedPython We looked at using Bastion and rexec, but neither of them provide the kind of granularity demanded by the Zope security model. So we created a new module, RestrictedPython, which is in fact usable outside Zope. Although the driving goal was to support Python 2.1, this project has given us an opportunity to work on some long-standing issues as well. The restrictions are clearer and finally both DTML and scripts use the same code to implement security. We've tried hard to make the new code work just right, including new unit tests and a couple of optimizations. But there is bound to be some breakage. Also, as the community was warned previously, the new code requires Python 2.1. Shane