I just tested installing WordPress without a wp-config.php file, and let WordPress automatically create wp-config.php when doing the installe wizard from the browser.
However I noticed that when WordPress created wp-config.php file, it set this file to have permissions 666!
However this only happened to wp-config.php, when uploading images, installing plugins, setting permalinks, then all files created by WordPress get the correct 644 permissions
The server is running php in cgi mode using suphp, and permissions should never be higher then 644 on files.
When WordPress create the wp-config.php, why does it create it with 666 permissions?
Is WordPress going to change this default behaviour of setting wp-config.php to 666, or will this continue to be the default when created by WordPress itself?
I am a webhost, and when users don't create the wp-config.php themself, they get 666 permissions on the file, and many of them will not understand they should change the permissions, so this is a problem.