If we mention at all that certain files (like install.php) can be deleted after installation, we should never even hint that this is for security reasons. Your blog is secure whether those files are there or not. --Matt http://photomatt.net | http://wordpress.org