I've always thought that it was pretty safe to store this kind of material outside of the web-browser accessible path of your host. Of course, you then have to be careful who has access to your site via ftp. Let's see what comes of this question :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php