[Zope] security questions

[Arkaitz Bitorika]

Hi all,

I'm learning about the Zope security system, and have a couple of
questions that I coulnd't find an answer for:
    * Even though in my acl_users folder in Root the Anonymous sole has
    no permissions enabled, I can access as anonymous to any page, why's
    this?
    * The Zope Book says that in the security tab there is a text entry
    that allows adding user defined roles. I don't see that entry, I
    only get the permissions/roles table. I'm logged in as admin all the
    time. How can I define a new role?
    * I will have editors on my site, who should be able to edit/add
    content, but not to change scripts, or other things. Is it a good
    idea to define an "editor" role for them and then adjust the
    pemissions accordingly?
Sorry for the number of questions, and I'd appreciate any pointer to
info or solutions about them. 

TIA,
Arkaitz.