Hi, I'm getting an odd security issue. I imagine it comes from misconfiguring something, because what is happening isn't the default behavior. I'm using CMF with plone. The issue is that users can't edit their own pages. Each user has a folder in /Members, and the default page that plone (or CMF?) generates for them is in their personal folder. They own that default page as well as their /Members/name folder, but they aren't allowed to modify either. When I log in as a user and try to go into the editing view (at /Members/membername/folder_contents), I get the error: Unauthorized: You are not allowed to access listFolderContents in this context A few lines up the stacktrace, there is: File C:\PROGRA~1\zope250\lib\python\Products\PageTemplates\ZRPythonExpr.py, line 49, in __call__ (Info: here.listFolderContents( contentFilter=filter)) File Python expression "here.listFolderContents( contentFilter=filter)", line 2, in f Now, I can explicity allow them to list folder contents by settings the security permissions (I have to enable listing for everyone in this case). However, this seems to be hiding the real problem, and I don't know what that problem is. Also, I don't want to have to enable every security setting in /Members just to allow the users to modify their personal pages.