Hi all, I have a python script that does a manage_addFile (it generates a cached version of a converted file the first time the page is viewed). To allow anon users to access the page itself I've had to allow anon "Add Documents, Images, and Files" in the root folder security. I've disabled it again while I await confirmation. These are the only options available to me in the python script's security settings: Access contents information Change Python Scripts Change bindings Change cache settings Change permissions Change proxy roles Delete objects Manage WebDAV Locks Manage properties Take ownership Undo changes View View History View management screens WebDAV Lock items WebDAV Unlock items WebDAV access My question is: Does enabling website wide anonymous "Add Documents, Images, and Files" mean users will be able to upload files, etc. indiscriminately? Or does it just mean anon user-initiated scripts and forms that generate files will work? Thanks, Adam