Ugo Bellavance wrote: > If the needed permissions for standard PHP files and directories are > 'r' on files and 'r-x' on directories, how can I set my umask so that > files and directories are always created as such? I looked up 'man > umask' and it seems to treat files and directories the same way. Maybe > that is impossible, but I logged in via FTP to a server of a web hosting > company, and it implements just this: creates directories as rwxr-xr-x > and files as rw-r--r--. > > Another thing... how should I configure ownership on the files? > root as owner, apache as group and no permissions for others? Do NOT make root as owner, unless you really really really need to. If somebody manages to alter the contents of the file, and then manages to make it executable, you no longer own that computer, they do. In fact, make the files owned by the apache user is what I would recommend, unless you really have a hard-core reason not to, PLUS you have considered all the ramifications. If files need to be owned by somebody else for some reason, they STILL should NEVER have to be owned by root -- or else you've got some serious security issues to consider. It's better to create a new user, with very limited and specific abilities to do the minimum they need to do, than to just go using 'root' access for things. I don't know what umask does, and I don't know what your FTP host does, but I do know that you can use 'find' and its '-exec' flag to change directories and files differently in a cron job if you need to do that. They'll have the wrong permissions for the brief period that they are created. Or, when you create the file, you can change its permissions at the time of creation, which is probably what the FTP program does. umask is handy, but not the "answer" to every need. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php