Could you expand on what you mean by "content" ? Is it executable content (DTML, ZPT, python scripts)? Also what's the failure mode. Unauthorized? Traceback? Finally have you tried VerboseSecurity (if that applies)? Florent Adrian Hungate <adrian@haqa.co.uk> wrote:
I don't know if this is a Zope, CMF, Plone or DCWorkflow issue, but I just got bitten by what appears to be a bug in someone's security handling.
If you create some content as user A, then delete user A, no one can edit the content, or change it's ownership.
I created a site as "manager" and created a bunch of content. Then I created the users that would actually be maintaining the content and deleted "manager" (It's far too easy to guess at). Suddenly, all updates started failing, and continued failing, untill I re-created the "manager" user.
I have set the domain to 127.0.0.1 so the user can not log in, but I would really like to know if this is and intended security feature or a bug.
Any input would be appreciated. -- Florent Guillaume, Nuxeo (Paris, France) +33 1 40 33 79 87 http://nuxeo.com mailto:fg@nuxeo.com