Topic: A lot of config files with 744 rights (config files are executable!)
I separate this into standalone topic. As I think, 'config.php' and many others config files don't need to be executable. I made 'experiments' (for example "chmod -x config.php") and can say, that this rights must be reduced.
In additition, I think, that a lot of config files (for example, /etc/postfix/ldap_*.cf) must have rights like '600' because passwords and logins from mail system are stored in most of them.
What are you thinking about?