The documentation says about apr_file_open(): # If perm is APR_OS_DEFAULT and the file is being created, appropriate # default permissions will be used.
The mode permissions that are set by APR_OS_DEFAULT seem rather arbitrary, they have already been changed in CVS from 0777 to 0666. I don't think the default should be "allow all access the umask doesn't prohibit". I prefer APIs to try and be secure unless the programmer explicitly drills a hole. On the other hand, I am aware there is some tradition with programs creating 0666 files. I suggest that at least the documentation be updated to indicate that APR_OS_DEFAULT creates files readable and writable by anyone (unless umask prevents it). "Appropriate" seems to be somewhat misleading for most files a typical application creates. Roger
