id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
950	File permissions of created connector files insecure	Thomas Tallyce		"The uploader in PHP contains multiple instances of

chmod( $sFilePath, 0777 ) ;

for uploaded files or directory creations.

Can I suggest this be changed to 0774. I can't think of any reason why the very insecure o+w should be enabled. 0770 would be preferable, but I guess there could be webservers that have the webserver process not in the main user/group."	Bug	closed	Normal		File Browser	FCKeditor 2.4.3	fixed	Discussion