Hello,
What you're seeing may look like a security problem, but is in fact a normal arrangement for a shared web hosting server. Put simply, you can look at other people's files, but you cannot touch them. The default settings in user accounts is that you can look at other users' files and directories, but you cannot modify them.
Many UNIX-based Web hosts set up their shared servers in this manner.
This configuration possesses many benefits for shared hosting customers and does not represent a security problem.
With our default settings and permissions, other users on your shared server cannot modify your files nor can they see your e-mail, which resides in an alternate location on the server.
The two main reasons we have choosen to configure our servers in this manner are:
1. To not give our customers a false sense of security. Even if these files are "hidden," individuals on the shared server can still view customers' files using simple scripts.
2. To optimize performance. One way to "hide" and protect your files is to remove "group" and "other" permissions and then use cgiwrap or php-cgiwrap so that they can still be executed by the server. However, if all files on a shared server used cgiwrap, then the performance of the server would be degraded.
To use an analogy, shared hosting is like living in a glass house in a secure, gated community where all of your neighbors also live in glass homes. Yes, these "neighbors" can see your files, but these files are files only in the public Web and Home directories and does not include your e-mail. In addition, these "neighbors" cannot modify or change your files if the default permissions are used.
If you wish, you can keep other users from even being able to look at your directories by changing your directory permissions. If you would like to do this, please let us know, and we can give you instructions on how.
Please know that as long as you are using the default settings for your account, your files are safe from modification by other users.
If you have any more questions or concerns, please feel free to contact us.