I've put together some thoughts and a proposed API for making it easier for application code to operate securely and for implementing new security policies. See: http://www.zope.org/Members/jim/ZopeSecurity/ZopeSecurityPolicies As usual, it's a wiki page. :) Feel free to comment there. Jim -- Jim Fulton mailto:jim@digicool.com Technical Director (888) 344-4332 Python Powered! Digital Creations http://www.digicool.com http://www.python.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.