I'd suggest that osirismd/configs directory should be owned by root, group osirismd and permissions 1770. This way, default configurations cannot be changed by the osirismd (This is not a security issue. Just to dissallow accidental overwrites.) but it will be able to store everything else in there.
Apart from that, it is a slight security issue to allow users to browse and view the stored configurations. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

