On Mon, Dec 31, 2012 at 01:48:14AM +0100, Petko Yotov wrote: > The second argument 0444 causes world read permissions always, not > sometimes. No matter if the file owner and the directory owner are > the same or in the same group or not.
Ah, I didn't remember that. According to the SVN log, this is one of the oldest changes made to PmWiki (Nov 2004). The original problem appeared to be with PHP's move_uploaded_file() function, which would always leave files with 0600 permissions, which meant the account owner could not view or otherwise manipulate the files. Of course, this was with whatever version of PHP was available at the time, it's entirely likely that PHP's upload ownership/permissions model has changed since then. > Patrick, do you think this second argument should be made modifiable > by a wiki admin? And should it be 0444 by default or O? I'm okay with it being an admin-modifiable value. It should continue to default to 0444, at least until we can figure out exactly why it was forced to 0444 in 2004 and can be certain that changing it to zero won't cause lots of problems for people on older PHPs or in various ISP setups. Pm _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
