I just noticed this problem today when I was running into an issue with horde not finding the database properly. It appears that the log file, /var/log/psa-horde.log is owned by apache and not root. Personally, I find this quite scary considering that log lines such as this are present: DB Error: extension not found: mysql, , /var/lib/mysql/mysql.sock, unix, localhost, horde, horde, XXXXXXXX, utf8, horde, horde.perms, horde_datatree, horde_datatree_attributes Where XXXXXXXX is the database password, which if it wasn't changed for user 'horde' is also the password of the admin login for mysql. Considering the number of phpbb/nuke/mambo exploits that allow users to gain access to user apache, this issue concerns me. I just thought I'd share this with everyone incase no one noticed. Just another reason to make sure all your scripts are up to date. Cheers. Adam.