I am developing the security model for a ZODB-based document management Product (with a capital P). I am only using two primary local roles: 'Viewer' and 'Owner.' Because I wish to mimic the security model in a Linux/UNIX environment, I would like to grant everyone at least the 'Viewer' local role on the root of the folder/document tree, but have the option to lock down particular folders at a lower point in the tree. For example: Home (Everyone = 'Viewer') | -------------------------- | | Joe's stuff Sam's stuff (Joe = 'Owner') (Sam = 'Owner') In this situation, I do not wish for local roles to be acquired from above. In other words, I don't want Joe to acquire the local role of 'Viewer' when attempting to look at Sam's stuff. Because Zope makes the bold assertion that security should always get more permissive the deeper one traverses the object hierarchy, is there no way to do this short of hacking the 'getRolesInContext()' method? I have no interest in tweaking the permission-to-role grid on every particular folder and document, as this system will contain an indefinite depth of folders and a large volume of documents (hundreds of thousands). Thanks! Nathaniel Wingfield