I have been trying to use
.../config/disable-filesystem-security to prevent permissions being automatically changed for a single site (specifically execute permissions being removed), as documented at https://wiki.sympl.host/view/Website_Configuration_Reference#Filesystem_Permissions.
This doesn’t seem to work. I think the correct file to create is actually
.../config/do-not-secure. Is that correct, or is is that configuration option actually doing something different? Creating that file has stopped the execute permissions being removed from that site.