Having spent the better part of the night getting nowhere with this, I hope somebody can help. Consider a DTML method (called 'content') which is part of a ZClass as follows : /Control_Panel /Products /MyProduct /MyZClass content [dtml method] Is there no way to protect the DTML method so that it cannot be accessed directly from instances of this ZClass ? eg. if we create an instance of MyZClass in the Zope root : /MyInstance I don't want people to be able to call : http://Zope_server/MyInstance/content But we would like other DTML documents/methods such as http://Zope_server/MyInstance/index_html to be able to access the contents using "<dtml-var content>" I've been getting nowhere with the "Define Permissions" tab of the 'content' DTML method in the ZClass definition - it's simply not possible to disable the 'view' property. Thank you in advance if anybody can offer any suggestions here, chas