PHP can't change file permissions even with SUID?

Given a script test.php开发者_C百科 that has the contents:

#!/usr/bin/php
<?php
echo exec('whoami');
chmod('test.txt', 0755);

and a plain text file test.txt in the same directory as itself, it works fine if the user who created those files runs the script. However, if I do something along the lines of:

chown apache:apache test.php test.txt
chmod 4775 test.php

That gives the test.php the ability to run as the 'apache' user, no matter who's running it. But when I run it in that context, I get a "Warning: chmod(): Operation not permitted" error. And the user that gets echoed by the "whoami" command is the generic user, not the 'apache' user.

So, is there a way to allow a PHP script to run as a particular user, other than granting users sudo access to run the script as 'apache'?

---

So, is there a way to allow a PHP script to run as a particular user, other than granting users sudo access to run the script as 'apache'?

You must be missing something. Either you allow apache to execute the file under a different user (sudo/suexec) or not. However, this is merely configuration. So you should first decide what you want to achieve and then configure the server as needed.

So if you want to run the PHP script under a particular user, you do this with making use of the sudo functionality and specifying the user. Apache will then execute the script under that configured user.

If you do not like to make use of sudo then, well, then there is no other option then to run the script under the user that runs apache or apache has been configured to use for invoking the scripts.

So make your decision what you want to achieve. But if you want to change the user, the only way I'm aware of (probably there's something else as well but I doubt it) is making use of the apache sudo feature(s).