When the server accesses a file, it assumes owner permissions. Since the server assumes owner permissions, there is no need to set a file's permissions so that the group and other users can read them. This makes your files very secure. The exception to this rule are ASP and ColdFusion files. For technical reasons these files minimally require group read permission.