[Zope-CMF] CMF security policy

[David Hart]

Hi,

I'm trying to grok the CMF security policy, in particular for newly 
added items.

I have a CMF site where a particular entire folder and all its contents 
should be accessible only to a certain role (just 'Authenticated' in the 
simple case). I would like all contained objects to inherit their 
permission from the parent folder.

When new CMF content is added, the Anonymous role is specifically set on 
the Access contents information and View permissions. I'm looking in the 
source, but can't yet track it down. Is this happening in the factories? 
Is there a way I can change is default behaviour?

-dave