My first real foray into security ...

    root
        People (define Admin role here)
            robert
                acl_users (robert,Admin)
            douglas
                acl_users (douglas,Admin)
            william
                acl_users (william,Admin)
            .
            .

I want to configure my site such that users can only edit their own property sheets. My naive way of accomplishing this is to create an Admin role in People's permissions that has management_screen access. I then add a UserFolder in each person's ZClass with them as the sole user (Admin role).

It works, but there are problems with my naive approach:

1) It's cumbersome. I have to create a UserFolder and User for each person I add (though I guess I can do this programmatically in my constructor). To create this, I need to allow UserFolder additions in my ObjectManager-derived class. Now the logged-in user also has UserFolders as an addable object ...

2) Users can see the acl_users folder in the management screen. They can delete it. And if I change Admin so that they can't "delete objects", they can't delete *any* objects, including instances of other objects they've themselves created in this folder.

It's 1:40am here in Oz and I'm shattered, having taken the day off from my "real" job to make it a long weekend of Zoping. I'd love to awake in the morning to an email chorus of advice. This has got to be a common-enough scenario, authentication, not people skipping work to Zope ...

Cheers,
Darran.
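As an added illustration (not part of Darran's post and not Zope's own code), the following Python model reproduces the layout in the post: a tree of objects, role-to-permission mappings set on an object and acquired by everything below it, and a per-folder acl_users that grants its user a role only inside that folder's subtree. The site manager "darran" in root/acl_users, the Manager role's permissions, and the "notes" object in each person's folder are assumptions added so the checks have something to act on; the acquisition rule is a deliberate simplification of Zope's, kept to what is needed to show the point-2 trade-off.

```python
"""Constructed model (not Zope code) of the layout in the post above:
objects in a tree, role -> permission settings acquired down the tree,
and per-folder acl_users objects that grant a role only within the
folder that holds them."""
from dataclasses import dataclass, field


@dataclass
class Obj:
    name: str
    parent: "Obj | None" = None
    # role -> permissions granted at this object; acquired by descendants
    role_perms: dict = field(default_factory=dict)
    # only used by an acl_users object: user -> roles granted in the parent's subtree
    users: dict = field(default_factory=dict)
    children: dict = field(default_factory=dict)

    def add(self, child: "Obj") -> "Obj":
        child.parent = self
        self.children[child.name] = child
        return child


def roles_of(user: str, obj: Obj) -> set:
    """Roles the user holds at obj: the union of what every acl_users on the
    path from obj up to the root grants that user."""
    roles = set()
    node = obj
    while node is not None:
        acl = node.children.get("acl_users")
        if acl is not None:
            roles |= set(acl.users.get(user, ()))
        node = node.parent
    return roles


def allowed(user: str, perm: str, obj: Obj) -> bool:
    """True if a role the user holds at obj is mapped to perm at obj or at
    any ancestor (permission settings acquire down the tree)."""
    roles = roles_of(user, obj)
    node = obj
    while node is not None:
        for role, perms in node.role_perms.items():
            if perm in perms and role in roles:
                return True
        node = node.parent
    return False


def deletable_by(user: str, folder: Obj) -> list:
    """Children of folder the user may delete; needs 'Delete objects' on folder."""
    if not allowed(user, "Delete objects", folder):
        return []
    return sorted(folder.children)


def build_naive_site(admin_perms: set) -> Obj:
    """The post's layout: root/acl_users holds the site manager (assumed),
    People maps Admin to admin_perms, and each person folder gets its own
    acl_users holding just that person with the Admin role."""
    root = Obj("root", role_perms={"Manager": {"View", "Change properties", "Delete objects"}})
    root.add(Obj("acl_users", users={"darran": {"Manager"}}))  # assumed site manager
    people = root.add(Obj("People", role_perms={"Admin": set(admin_perms)}))
    for person in ("robert", "douglas", "william"):
        folder = people.add(Obj(person))
        folder.add(Obj("acl_users", users={person: {"Admin"}}))
        folder.add(Obj("notes"))  # constructed: something the person created in their own folder
    return root


def naive_results() -> dict:
    """Evaluate the checks the post cares about against two Admin settings."""
    with_delete = build_naive_site({"View", "Change properties", "Delete objects"})
    without_delete = build_naive_site({"View", "Change properties"})
    people = with_delete.children["People"]
    robert, douglas = people.children["robert"], people.children["douglas"]
    robert_nd = without_delete.children["People"].children["robert"]
    return {
        "robert_edits_own": allowed("robert", "Change properties", robert),
        "robert_edits_douglas": allowed("robert", "Change properties", douglas),
        "darran_edits_robert": allowed("darran", "Change properties", robert),
        # point 2: with 'Delete objects' on Admin, robert can delete his own
        # notes but also his own acl_users; without it, he can delete neither
        "robert_can_delete": deletable_by("robert", robert),
        "robert_can_delete_without_perm": deletable_by("robert", robert_nd),
    }


if __name__ == "__main__":
    for key, value in naive_results().items():
        print(f"{key}: {value}")
```

The model makes the trade-off in point 2 concrete: the "Delete objects" permission is granted on the person's folder as a whole, so the user who can delete the notes they created there can delete the acl_users object alongside them, and taking the permission away removes both.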