If rpm supports user interaction during installation you should probably let the user input their own credentials instead of this default. Someone could get the idea of scanning the web for newly installed Zopes with default passwords.
Yes. I forget that not everyone runs deny all / explicit allow firewall policies, even at home. :-) I shouldn't assume that additional layers of security exist to protect against exploitation of this... I'll look into what's required to set up the inituser interactively. Right now the inituser is set during the "build" stage. Even if I don't end up changing the package so that it is set interactively, I'll at least make sure Zope only binds to the loopback address by default, thus reducing the impact, and I'll add a security note to the README in either case.
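The two mitigations mentioned in the reply above (no package-default credentials left in the inituser file, and Zope listening only on the loopback address) can be checked after installation with a small script. The following is an added example, not code from the thread or from the Zope package; the inituser contents, the "default" credential pair and the bind address are constructed placeholders, and the `user:password` single-line layout is the only format assumed.

```python
import ipaddress

# Constructed sample of what a package-generated inituser file might hold.
# Zope's inituser file is a single "name:password" line; these values are
# placeholders, not the real defaults of any package.
SAMPLE_INITUSER = "admin:CHANGEME\n"

# Credential pairs the packager knows were baked in at build time
# (hypothetical values for this example).
PACKAGE_DEFAULTS = {("admin", "CHANGEME")}


def parse_inituser(text):
    """Return (name, password) from an inituser-style body, or None if malformed."""
    stripped = text.strip()
    if not stripped:
        return None
    line = stripped.splitlines()[0]
    if ":" not in line:
        return None
    name, password = line.split(":", 1)
    return name, password


def uses_package_default(text, defaults=PACKAGE_DEFAULTS):
    """True if the inituser file still carries a known build-time default."""
    creds = parse_inituser(text)
    return creds is not None and creds in defaults


def is_loopback_only(bind_addr):
    """True only for a loopback address such as 127.0.0.1 or ::1."""
    try:
        return ipaddress.ip_address(bind_addr).is_loopback
    except ValueError:
        # Not a plain IP literal (empty string, hostname, wildcard text): treat as not loopback.
        return False


def audit(inituser_text, bind_addr):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    if uses_package_default(inituser_text):
        findings.append("inituser still carries the package default credentials")
    if not is_loopback_only(bind_addr):
        findings.append("Zope is bound to %s, not the loopback address" % bind_addr)
    return findings


if __name__ == "__main__":
    # Constructed worst case: default credentials and listening on all interfaces.
    for finding in audit(SAMPLE_INITUSER, "0.0.0.0"):
        print("WARNING:", finding)
```

Run against a real install by reading the instance's inituser file into `audit()` and passing the address Zope is configured to listen on; any non-empty result is something the README's security note should tell the user to fix before exposing the instance.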
The old /var/zope/access method is not implemented by this package.
Is it a good idea to disable the emergency user? What if the user kills her acl_user object or similar?
"python2.1 /usr/share/zope/zpasswd.py /var/zope/access" will work to create an emergency user. Guess that one needs clarification. Even if I don't implement /var/zope/access in the package, that doesn't mean that the underlying Zope install doesn't support a user creating and using an emergency user. I will update the docs accordingly... Thanks for the feedback, Adam