Can I use setuid or sticky to make a file created by PHP a certain user?

I’m using WordPress and I want files created by WordPress to have the user of the file that created them, not the user the web server is running as. For example, my WordPress files and directories are owned by philip in the group www-data. When WordPress creates a file, I want the owner of the file to be philip and not www-data.

Is this possible? My suspicion is it can be achieve with setuid or sticky bit, but I’m not sure how to apply it.

Related posts

Leave a Reply

2 comments

  1. Not without a lot of extra effort. From what you’re describing, it sounds like you’re probably running PHP using mod_php or something similar; that will always run within the web server, as the web server user. setuid/setgid only work when there’s a new process being executed, which isn’t the case here.

    You can work around this by running PHP using CGI or FastCGI (which’ll let you run all PHP scripts as your own user), but that’s a lot of extra setup that you probably don’t want to get into.

  2. If you don’t want the group to have access, you could use the sticky bit to set g-rwx. The problem with setgid (you asked to change the group, not the user), is that the user running the command must have privileges to assign that group. If you don’t want the webserver (i.e. www-data) to have access, then you probably don’t want to change the gid to any group that it has access to. Otherwise, you’ll need to have some other process with other privileges come along and make this change for the web server, via cron or some other scheduler.