On behalf of an ISP who has now installed Zope (on my behalf) ... Does giving ClientX 'Manager' access to Control_Panel/Products/ClientX_Product open up any security holes? The alternative is to have ClientX develop on his local machine, save out ClientX_Product.zexp, and ship it over for us to install. Comments? Cheers, Darran.