umask and file permissions

[macattack]

Hi,

 

I've looked through some of the archives in regard to umask, and I still have some very important security questions that I'm hoping someone can advise me on.

 

My host has a default umask(022) set, which causes problems for me in regard to file deleting and editing. Even if I use FileZilla to change the permissions, they remain as 644. I am wondering what the most secure approach is — I currently don't have a user log in to access the file creation part of the site, it's currently just a directory that I've told a few friends about, my next project is to require users to log in. My host suggests setting umask(000), and then set the file permissions to 666 in mkdir(), but I'm wondering if that opens a "Pandora's box".

 

If someone can suggest a secure approach (other than the logical "require users to log in", that's coming soon), that would be great. I want full control to read and write, and I want my PHP code to be able to do that work automatically. As it stands, even if I attempt to change the permissions in FileZilla, it doesn't let me do it, and I can't delete the file.

 

Any help would be appreciated.