Hi all :) I am developing a product (a kind of CMF site) that should refuse anonymous access by default. I would like to write some code for this product so that whenever a new instance of it is created, the 'View' permission for that instance is set to exclude the role 'Anonymous', and allow the others ('Authenticated', 'Member', 'Owner', 'Reviewer', 'Manager'). So far I have played around with manage_permissions and have got: p.manage_permission('View', ['Authenticated', 'Member', 'Manager', 'Owner', 'Reviewer'], acquire=0) Unfortunately for me, this means that after the site gets created, I am for some reason not authorised to access the object. If I set acquire=1 so that it will acquire permission settings, then I have no problems with that but unauthenticated users can also view it :( Does anybody know what the usual way of setting default permissions for a product is? I don't want to define new permissions, just change the 'view' permission. Thanks : ) Harry