suPHP Notes

suPHP is a wrapper for PHP which provides a similar functionality as suExec for Apache. I especially recommend suPHP for anyone running PHP on a server with multiple users. However, it is also nice even if you're the only one using the web server because many PHP packages require modification to file permissions since PHP is always executed as the Apache user. Many times they tell you to use chmod 777 to open everything up, but suPHP will allow you to avoid this by running PHP files with the permissions of their owners.

Installation and Configuration


For security reasons, suPHP doesn't work if the PHP file is writable by anyone besides the owner. If you want to change this behavior, you need to edit the source code before you compile.

if (file_info.st_mode & (S_IWGRP | S_IWOTH))
// S_IWGRP checks to see if group has write access
// S_IWOTH checks to see if others have access.

// If you want to allow group writability change it to:
if (file_info.st_mode & S_IWOTH)

Be aware that if you do this, this can allow someone besides the actual of the owner of the PHP script to act as that user.