I have a PHP website that allows users to upload files, but I also want the site owner to be able to access and change files through FTP.

At the moment the upload folder is owned by the site owner, with permissions of 777. However files uploaded to the folder through the website are owned by apache (nothing unexpected there) but get a permission flag of 664, so world has only read permission.

I could write some PHP to do a chown and/or chmod, but I just want to check if there's a way to do it automatically first.

Is there any way I can set the default permission of new files in the directory to 666?

Alternatively, should I make my FTP users members of the apache group, or would that open a security hole?

Create a group and put that user and apache into it.

Now chgrp the directory to that group.

Then "chmod g+s" on that directory.

Now when files appear in there they'll automatically have the right group ownership.

_________________
Rgds
Stephen
(Linux user since kernel version 0.11)