Working with Permissions in PHP, Part 1
Subject:   I, too, was a little disappointed by this article
Date:   2005-02-24 11:16:50
From:   RichardBronosky
It's actually a great article on Unix file permissions. Something that I was really confused about when I started using Unix several years ago. But I was able to find an article very similar to this back then and I now don't have to think twice about chmod'ing files and such.

But, the point is that there are tons of very similar articles out there.
The google search above returns 305,000 of them.

I think that the author should have just wrote his "Working with Permissions in PHP, Part 2" and used one of the existing tutorials as a prerequisite.

What I'd really like to see is an intelligent disscussion on the problem of using permissions that would allow a PHP based CMS to write to files as the www user and allow you to write to the files as your ftp/shell user. The common approach is to use chmod 666 (global read+write). But that is a big security risk on a shared environment.

Keep in mind that this is on an environment where I do not have root access or access to /bin/su. This is the case for most PHP hobbyists. Which includes my personal projects like that is hosts using a cheap shared plan. At work I have root access, or can request changes from the admins in other divisions.

On boxes I administer I just make myself a member of the www group which Apache normally belongs to. Any files I want PHP to write to are "chgrp www"'ed and "chmod g+w"'ed. This helps but is not perfect. Most importantly, you will not get access to the www group on a share host.

Is there a way to get php to exec() as my user?