Personally I don't think we should be encouraging people to go for non-0644 or 0755 - this is the kinda stuff that gets people's extensions removed from JED

I agree with @wilsonge, folders should be 0755. What is the use case for anything else?

There are some valid use cases but they are real edge cases and inmost of those cases the user has the skills to manually change permissions. If we were to introduce this into the core (as we did in joomla 1.0) we will see masses of users changing to insecure permissions because they read "something" online ( or sadly even in the JCM) advising them to do this as a solution to an issue. I absolutely agree that this should NOT be part of the core.

It's already part of the core in that JFolder::create() can be called with an optional second argument set to anything you like. An 'evil' extension could, even now, create a folder with something like 0000. I believe if you do this inside your files directory, the media manager will just break. Maybe some sensible constraints are needed. We could have a line inside the create function like:

$mode = $mode | 0511;

This would prevent the creation of any unreadable directories.

I know this PR addresses an edge case but I can't be the only one who has ever wanted my Joomla-created folders to be set to 02775.

@wilsonge enabling ≠ encouraging

Your first idea as a class setting is right, please don't confuse users with yet another parameter. But I also agree that this should be handled in theory by the server configuration and not by Joomla. So I'd rather go the other way around and actually remove setting some permissions on new folders.

All in all, I'd call this PR usefull and will set the tracker item back to "pending".

Should I target this at staging instead of master? Should I drop the idea entirely?

Given that nobody cared to test this in over hakf a year I think the interest is quite low.

If you think it's still worth your time, please redo against staging so at least Travis runs on it.

Hmm. I've got bigger fish to fry.