There's nothing *very* bad that can be executed without permission. "objectIds" is questionable.
Okay, now I'm getting nervous... what not-so-bad things can you do?! (going to http://www.zope.org/text_content brought up a very disturbing screen...)
I don't know that there is any way to do so. I don't think the security machinery differentiates between things called from the web directly and called from DTML (though it is only through my observations that I say this; I haven't looked at that part of the code).
I wonder if anyone at DC could help out here? My wish-list would be to be able to differentiate in a convenient manner between stuff publicly available and stuff that isn't. To generalise this further, I'd love to be able to assign the usability of a method or access to an object on a role basis, with special roles including 'anonymous' for public access and 'system' for calls from other objects. Kind of like putting public: and private: in a C++ or Java class, but with finer control.
Hmmm... I don't think I'd be brave enough to name something "manage" :)
Okay, this isn't a problem, because if you try and create one, you get told the id is invalid because it is already in use :-)

Well, hope people can help,

Chris