diff --git a/tools/python/jwutils/Config.py b/tools/python/jwutils/Config.py
index 4955793..8efe0c3 100644
--- a/tools/python/jwutils/Config.py
+++ b/tools/python/jwutils/Config.py
@@ -13,7 +13,7 @@ from .log import *
 class Config(): # export
- def __load(self, search_dirs, glob_paths):
+ def __load(self, search_dirs, glob_paths, refuse_mode_mask):
 def __is_abs(path):
 if path is None:
@@ -45,26 +45,27 @@ class Config(): # export
 paths_buf = []
 tree = stree.read(f, paths_buf=paths_buf)
 assert(len(paths_buf))
- for p in paths_buf:
- st = os.stat(p)
- if st.st_mode & 0o0077:
- for item in tree.child_list():
- if item.content is None:
- continue
- if not re.search('password|secret', cast(str, item.content), flags=re.IGNORECASE):
- continue
- msg = "Config files define secret, but at least one has file permissions open for group or world"
- slog(ERR, f'{msg}:')
- for pp in paths_buf:
- slog(ERR, f' {((os.stat(p).st_mode) & 0o7777):o} {pp}')
- raise Exception(msg)
+ if refuse_mode_mask is not None:
+ for p in paths_buf:
+ st = os.stat(p)
+ if st.st_mode & refuse_mode_mask:
+ for item in tree.child_list():
+ if item.content is None:
+ continue
+ if not re.search('password|secret', cast(str, item.content), flags=re.IGNORECASE):
+ continue
+ msg = "Config files define secret, but at least one has file permissions open for world"
+ slog(ERR, f'{msg}:')
+ for pp in paths_buf:
+ slog(ERR, f' {((os.stat(pp).st_mode) & 0o7777):o} {pp}')
+ raise Exception(msg)
 tree.dump(DEBUG, f)
 ret.add("", tree)
 return ret
 def __init__(self, search_dirs: Optional[list[str]]=None, glob_paths: Optional[list[str]]=None, defaults: Optional[Dict[str, str]]=None, tree: Optional[StringTree]=None, parent=None,
- root_section=None) -> None:
+ root_section=None, refuse_mode_mask=0o0027) -> None:
 self.__parent = parent
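Review bot: The reworded error in `__load` says the file is "open for world", but the default mask `0o0027` set in `__init__` still refuses group-write (`0o020`), and a caller may pass any mask, so the message can name the wrong cause. Building the text from the mask keeps it accurate, e.g. `msg = f"Config files define secret, but at least one has permission bits in {refuse_mode_mask:04o} set"`. The default also moves from `0o0077` to `0o0027`, so group-readable files that hold secrets are now accepted and `refuse_mode_mask=None` switches the check off; a comment such as `# refuse_mode_mask: st_mode bits that must be clear on files defining secrets; None disables the check` would make that relaxation explicit, and an `Optional[int]` annotation would match the other `__init__` parameters. The check reads only the mode bits from `os.stat` and not the file owner, which may be worth a follow-up. Both `__load` and `__init__` continue outside the hunk.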
@@ -74,7 +75,8 @@ class Config(): # export
 self.__conf = tree
 else:
 assert(tree is None)
- self.__conf = self.__load(search_dirs=search_dirs, glob_paths=glob_paths)
+ self.__conf = self.__load(search_dirs=search_dirs, glob_paths=glob_paths,
+ refuse_mode_mask=refuse_mode_mask)
 if root_section is not None:
 tmp = self.__conf.get(root_section)