diff -r ce072c9aa573 -r 6aec72169ee1 server/session.py
--- a/server/session.py	Wed Jan 15 18:20:25 2014 +0100
+++ b/server/session.py	Thu Jan 16 12:21:05 2014 +0100
@@ -1437,7 +1437,8 @@
         self.user._cw = self # XXX remove when "vreg = user._cw.vreg" hack in entity.py is gone
         if not safe:
             self.disable_hook_categories('integrity')
-            self._tx.ctx_count += 1
+        self.disable_hook_categories('security')
+        self._tx.ctx_count += 1
 
     def __enter__(self):
         return self