I've been searching around and I still can't figure out why most scripts and developers recommend that the ideal unix permissions for public_html/other public files and folders are ... 644 permissions for files and 755 permissions for folders... The reason why I'm confused that scripts and others recommend this is if you install a script in a shared hosting environment, even if you're using SuPHP or open_basedir or other security practices, someone on that server could still possibly "view" your files which could include database config files and other files that you wouldn't want someone to read/access. It would make sense that files should be 640 and folders 750 so that the world user (and executed processes/scripts PHP, CGI, PERL, SSH etc) can NOT access your files/folders. So why is this not recommended as it seems to be the more secure permission set for files/directories? Is 644 or 755 a security risk? .... Also, although my original question is for files/directories in "public" directories.. technically my question is for any file/directory thats owned by a user/usergroup that shouldn't be accessible by the public.. Why would you want to make files/directories world readable at all? For instance with our cPanel install, when we provision accounts in WHM, it creates .htaccess files with 644 permissions .. well why would it do this if .htaccess shouldnt be read by other users .. Shouldn't it have 640 or 440 permissions? Is 644 a security risk so why would cPanel .htaccess to this? Even with SuPHP default/recommended permissions appear to be 644/755 which I'm confused why?