This is part of a banner rotation script. Would it make the site safer? Would I still be able to overright the file by ftp?

would it make the site safer? There's a heck of a lot more to making a site safe than changing permissions on a single file, but it can't hurt. Just don't oversell the significance in your mind, it's a part of making it safer, just a part.

Can you overwrite it by FTP? No. You set it to read: owner, group, other. I don't see write in there, do you?

Dave, a banner rotation script that I want to implement uses a simple text file to pull banner codes from. I just don't want someone to be able to change that file to then inject funny code into the header.

Just wondering what I should chmod that file to. Or maybe leave it at 644?

So what happens if I make it 444? Will I still be able to erase the file using ftp?

644 is owner write, group and other read.

You will be able to edit or overwrite it via FTP.

As for the question of whether someone else, namely the web server, can overwrite the file and inject code into it, is a touch question to answer.

Are you running Apache? is php a compiled into Apache or running as a cgi? Is Apache running as the same user as the account your asking about? There are probably as many questions to ask you fi you're on a MS server, but I don't have a very good handle on IIS anymore.