you're right - the owner of the files created by PHP is not you. however, maybe its not clear to me, but do you actually need to have write permission on these files? being able to read them should be enough for an FTP to download them.
I'm trying to automate an account creation process, and to do that, the php script, and NOT the ftp software needs to create folders, copy files and write a configuration file. The only reason I mentioned ftp was because I was using filezilla to verify that the php had behaved predictably.
The only way the script works is if public_html is set to 770 and config is set to 777.
This clearly create a security risk.
The owner of config, using fileowner() is 3xxxx and the owner of the new folders is 99.
Is there a workaround for this?
If not, what security exposure do I have at these settings?
Oh Lord, please help me be the person my dog thinks I am.