I did some additional checking of a few more client sites, and found that there were at least 2 sites where the permissions for the sub-folders are not being inherited from the parent as they should..

After speaking to their hosting companies I concluded that this is definitely NOT something the host is doing intentionally but rather something Image Handler is doing.. It appears that the IH2 code does this based on certain host settings. (in this case both of these sites are being hosted by Go Daddy reseller companies. The sites that do not have this issue are not Go Daddy hosting. (all various hosts)

So after doing some digging through the IH2 code I found a hint to the source of the issue. buried in the code is this reference to Tim's website: http://wiki.breakmyzencart.com/zen-cart:safemodehack

Now I gather that this was included to account for some server configurations where you had to set folder permissions to 777 to get Image Handler to work. (Which is how in the early days of Zen and IH2 it had to be done on many hosts)

Basically it looks as if one line in the includes/functions/extra_functions/functions_bmz_io.php sets folder permissions for sites hosted on some hosts to 777.

Code:
      return @mkdir($target, 0777); // crawl back up & create dir tree
this code on line 118 of the includes/functions/extra_functions/functions_bmz_io.php file is mucking up the sub-folder permissions for some (not all) webhosts.

Now I don't know exactly why on some hosts the permissions are inheirited correctly and on some hosts they are not.. I do know that if I change the 777 to 755, then the permissions for the sub folders created within the IH2 bmz_cache folder will be set to 755..

I am not entirely sure if this is THE fix, but it certainly is a solution. I would love it if ckosloff and clyde could weigh in to confirm all of this is in fact the correct solution, and perhaps shed some light on why it might work for some hosts but not others..

Quote Originally Posted by clydejones View Post
I just checked my bmz_cache folder (set to 755)
All the folders (0 - f) within that folder are also set to 755 and the files within these folders are set to 644.
Quote Originally Posted by ckosloff View Post
I am so scared of aliens.
I have never seen one, so they never did anything to me either.
But I have heard stories of alien abductions, mostly in the X files.
Since I don't know about aliens, and just to be in the safe side, I am scared, and recommend to other people to stay away from them.
Sounds pretty much like these new security concerns:
images in the bmz-cache are encrypted, so it does not matter to what security level they are set.
If you use some free security tools like the Hacker toolbar, a free add-on for Firefox, or even the Linux CD from backtrack-linux.org, you will see what I mean.
Try to find an entry point there.
755 works for most Linux servers, I don't know if for all.
Just to feed the paranoia you can set to 755 recursively your bmz_cache, IH2 does NOT set permissions for folders.
Regarding the coders, yes they are dead people, and bad too, addicted to forks.
However, the last incarnation for IH2 has been written and tested for Zen Cart simply because...there is no IH2 plugin yet for that other bad thing they indulge in.
But stay tuned and you might soon find one.