Translations:Manual:Security/125/en

Your $ls file must be readable by the php user, however it should not be world readable, to prevent other processes from discovering your database password and other sensitive information.