I know that when the configuration file is writable, ZC shows a warning message.
Is it advantageous to set ALL directories that do not have files that change on any sort of regular basis to READ-ONLY? Same for files?
Would that not narrow down the possibilities, in terms of where malware can be placed? Only a few directories seem to need to be writable.
Bookmarks