Sorry, I couldn't figure out what "component" to list this under.

I have my settings.php file permissions set to 400, or -r--------.
In my /admin/reports/status page, however, I get the following warning:
The file sites/[sitename]/settings.php is not protected from modifications and poses a security risk. You must change the file's permissions to be non-writable.

When i change the permissions to 444, the error goes away.

Obviously the error message is wrong...what I'm guessing is happening instead is that settings.php is completely unreadable to apache when I set the permissions to 400? Maybe there should be a different error message to that effect.

Comments

Status: Active » Closed (outdated)

Automatically closed because Drupal 6 is no longer supported. If the issue verifiably applies to later versions, please reopen with details and update the version.