Author: ms419
Description:
When uploading images to MediaWiki, I notice it creates new directories with permission 777. Since I have installed MediaWiki on a shared host, I prefer new directories to be created with permission 755, to prevent other users on the shared host from writing to them.
Where Apache and PHP are run with the same user id, I would even prefer new directories to be created with permission 770, to prevent other users from even reading them. However this is not the case on my shared host: Apache is run as www-data and PHP is run as my user id.
I cannot think of a case where I want new directories to be created with permission 777.
Thanks and best wishes, Jack
Version: 1.13.x
Severity: enhancement