Setting the Zope "super manager" name and password

  Because Zope is managed through the web, user names and passwords must be
  used to assure that only authorized people can make changes to a Zope
  installation.  User names and passwords are normally defined by creating
  and modifying user folders within Zope.

  A special "super manager" user name and password are defined outside
  the application for two reasons
 
    * Some user name and password is needed to authorize creation of
      normal managers of your Zope site.

    * The "super manager" provides an all-powerful user that can do
      anything in the application, and whose password cannot be changed
      through the application user interface.

  This user name and password is defined in the 'access' file located
  in the Zope directory. It should be readable only by the user
  as which your web server runs.

  The super manager username and password should only be used when
  defining the normal management users and passwords and when dealing
  with unusual situations, like lost (or hacked) manager user names and
  passwords.

  In order to provide a somewhat higher level of security, various
  encoding schemes are supported which provide access to either SHA-1
  encryption or the standard UNIX crypt facility if it's been compiled
  into Python.  Unless you have some special requirements (see below), 
  you should use the SHA-1 facility, which is the default.

  The access file should consist of a single line of the form:

    name:password

  The build scripts automatically create an 'access' file for you, 
  using a default username and a randomly generated password which
  will be given at the end of the build script.  The default is to
  encode this with SHA, so please remember this password as there is no
  way to recover it.

  Note that you may also add an optional third component to the line
  in the access file to restrict super manager access by domain. 
  For example, the line:

    mario:nintendoRules:*.mydomain.com
 
  in your 'access' file will only allow super manager access to your 
  installation from *.mydomain.com machines. Attempts to access the
  system from other domains will fail, even if the correct superuser
  name and password are used.

  Note that there is now a program to change the password,
  'zpasswd.py', which if run will explain how to use it, and if run it
  its most basic form will prompt for all information.

  Please note that if you use the ZServer monitor capability, you will 
  need to run with a clear text password in this beta release.

Setting permissions on the var directory.

  You need to set permissions on the Zope var directory.
  Zope needs to read and write data from its var directory. Before
  running Zope you should ensure that you give adequate permissions
  to the Zope var directory for the userid Zope will run under.

  Depending on how you choose to run Zope you will need to give
  different permissions to the var directory.  If you use Zope with an
  existing web server, it will probably run Zope as 'nobody'. In this
  case 'nobody' needs read and write permissions to the var directory.

  If you change the way you run Zope you may need to modify the permissions
  of the var directory and the files in it to allow Zope to read and write
  under its changed userid.
