set rights in a functin

code/app.py

@@ -1,7 +1,7 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 
-import os,sys,time
+import os,sys,time,stat
 import json
 from datetime import datetime
 from flask import Flask, render_template, jsonify, \
@@ -84,7 +84,7 @@ def upload(name = None, password = None):
                 if os.path.exists(filename):
                     return "Overwrite forbidden", 403
             file.save(filename)
-            os.chown(filename, app.config['UID'], app.config['GID'])
+            set_rights(filename)
             return redirect(url_for('list_view',name=name))
 
 @app.route('/send/<name>', methods=['GET'])
@@ -277,7 +277,7 @@ def get_share(name, require_auth = True):
     })
     if not os.path.exists(share['path']):
         os.makedirs(share['path'])
-        os.chown(share['path'], app.config['UID'], app.config['GID'])
+        set_rights(share['path'])
     return (True,share)
 
 def is_expired(share):
@@ -292,12 +292,21 @@ def print_debug(s):
         sys.stderr.write(str(s)+"\n")
         sys.stderr.flush()
 
+def set_rights(path):
+    os.chown(path, app.config['UID'], app.config['GID'])
+    st = os.stat(path)
+    if app.config['UID'] > 0:
+        os.chmod(path, st.st_mode | stat.S_IRUSR | stat.S_IWUSR)
+    if app.config['GID'] > 0:
+        os.chmod(path, st.st_mode | stat.S_IRGRP | stat.S_IWGRP)
+
+
 
 def zip_share(share):
 
     if not os.path.exists(app.config['ZIP_FOLDER']):
         os.makedirs(app.config['ZIP_FOLDER'])
-        os.chown(app.config['ZIP_FOLDER'], app.config['UID'], app.config['GID'])
+        set_rights(app.config['ZIP_FOLDER'])
 
     zip_path = os.path.join(
         app.config['ZIP_FOLDER'],
@@ -317,7 +326,7 @@ def zip_share(share):
             arcname = os.path.join(share['name'],file)
         )
     zf.close()
-    os.chown(zip_path, app.config['UID'], app.config['GID'])
+    set_rights(zip_path)
     return zip_path
 
 def zip_clean():