Should you have to modify file permissions post installation to protect sensative files such as config.php?
After extracting.. everything is 755.. including includes/config.php which includes sensative information like the db user/pass
I'm not a php guy.. but having the config file readable by all doesn't seem right to me.
File permissions are not covered at all in the installation instructions.
After extracting.. everything is 755.. including includes/config.php which includes sensative information like the db user/pass
I'm not a php guy.. but having the config file readable by all doesn't seem right to me.
File permissions are not covered at all in the installation instructions.
Comment