Hi all,

I have a python script that does a manage_addFile (it generates a cached version of a converted file the first time the page is viewed). To allow anon users to access the page itself I've had to allow anon "Add Documents, Images, and Files" in the root folder security. I've disabled it again while I await confirmation.

These are the only options available to me in the python script's security settings:

Access contents information
Change Python Scripts
Change bindings
Change cache settings
Change permissions
Change proxy roles
Delete objects
Manage WebDAV Locks
Manage properties
Take ownership
Undo changes
View
View History
View management screens
WebDAV Lock items
WebDAV Unlock items
WebDAV access

My question is: Does enabling website wide anonymous "Add Documents, Images, and Files" mean users will be able to upload files, etc. indiscriminately? Or does it just mean anon user-initiated scripts and forms that generate files will work?

Thanks,
Adam