I've just installed a php/mysql link cloaker script. The script requires the .htaccess file to be set to 766. Is there a security issue here? If yes, can I keep the .htaccess permissions set at 766 and add something to close any potential security holes that it might create? Thanks.
does the script documentation explain why it needs your htaccess to be chmodded like so? since it doesn't make sense why you would need to go to such extremes to cloak links. normally the htaccess should be chmodded 644 by default, so even though i can't tell you what the security issues would be, there is a possibility.
It depends on the environment really. 766 is usually something you should just never do with a system connected to the Internet because it gives anyone on the system read and write access to the file. If your environment is jailing users to their own home directory it really doesn't make any difference though.