Why manage_delObjects requires granting "Delete objects" to Authenticated to allow even Manager(!!!) to use it? The following DTML method lives in /edit Folder, and it tries to delete a copy_of_top image in /images Folder. Even a manager cannot run it (the error message is "unauthorised to use manage_delObjects") unless "Delete objects" is granted to Authenticated. <dtml-var standard_html_header> <dtml-with images> <dtml-if copy_of_top> <h1>Image is there</h1> <dtml-call "images.manage_delObjects(ids=['copy_of_top'])"> <dtml-else> <h1>Image is not there</h1> </dtml-if> </dtml-with> <dtml-var standard_html_footer> This problem does NOT appear if both the DTML method and image live in the same folder. In other words, the following DTML method does not require special privileges: <dtml-var standard_html_header> <dtml-if copy_of_top> <h1>Image is there</h1> <dtml-call "manage_delObjects(ids=['copy_of_top'])"> <dtml-else> <h1>Image is not there</h1> </dtml-if> <dtml-var standard_html_footer> Why is this? -- Milos Prudek