Please B/CC me, thank you.

I am on a site that has all the files in both the /home/sitename/www/ directory and a 
we'll call /home/directory/includes/ with the following permisssions:


The group I have in /etc/group does not have anyone in it, including me.

The server reads everything fine and the php engine can include fine from the 
/home/sitename/includes/ directory.

The problem is, everyone else on the site can read the includes directory as well, 
including my 
database password file which get's included.

What I would like to set up is:

        [1] the apache/php engine can include from the
                includes directory, but not just spit it out.
                I think that is taken care of by the
                .htaccess file already.

        [2] the apache/php process is in my group,
                and everything I want to go out has
                the group permissions set to rwx--r---
                (do php/html/inc files also have to be
                 executable to be serverd?)

        [3] 'everyone' does not have the ability to read
                my files on myserver. 

Is this the way to do it? What is the normal way permission are set up for 

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to