Ian, I've been checking ShaoQi and yours. Both b2s suffered from the usual sign of unChModness of the template file.
To elaborate a bit on the permissions, most webservers actually run as "nobody". So cheking for perm 770 might never work unless the webserver is set to run as the logged user of the server or an user in an usergroup of this server. Both solutions are likely to provoke security holes and indiscrete peeking, this is why they're runned as "nobody". Someone comment me if I'm wrong, please.
Therefore, you've got to check for the permission for 'owner','group', but also 'others', which means checking each is set to 6 (read+write) or more (7, aka read+write+execute). And checking for >= 666 wouldn't help either. After all, 700 is more than 666 but makes a file accessible only to its owner...
@ 02:59:22 457
, no trackback
, no pingback