[Zope] Devolving the management of users

[Paul Browning]

I can see how I create a role which allows a user to
manage other users (and do nothing much else)
at a particular folder level (and below).

What I can't see is how to prevent a user
with such a role creating another user with
the "built-in" Manager role and then using
this new account to gain any sort of permissions ....

No matter what I do the Manager role always seems
to be available in the Add user screen. Can this
be suppressed?

[Why do I want to do this? I want to devolve the
management of usernames and passwords of a particular
folder but without exposing the contents of other
objects in the folders to tinkering .... I can guess
I can ask the user(s) with the role not to do anything
but reset passwords but you know how people get curious ....]

TIA. Paul

--
 The Library, Tyndall Avenue, Univ. of Bristol, Bristol, BS8 1TJ, UK
     E-mail: paul.browning@bris.ac.uk  URL: http://www.bris.ac.uk/