What would be the correct set of permissions and security assertions I need in order to make it so that in addition to manager only the owner of that object can edit it. It seems if I just gives the permissions I want to the owner role that doesn't work. If I assign someone to the role of owner they can do stuff in all of the documents which is not what I want. I had thought that owner was a role you got automatically on an object if you where its owner. This is on zope 2.5.1 with python 2.1.3 on debian sid. I am using the explicit security assertions on functions using the new security model in the zope developer guide. Is there anything special I would need to use with the more explicit security model to get that to work? Designing and building web applications http://webme-eng.com