I have a client for whom I need to be able to have a php script generate html files. I'm curious as to how to setup permissions for this. The script is running on apache as owner/group nobody:nobody and the filesystem is all owner/group john:users. So, that means to create and write a file I'd have to set the directory with 777 permissions right? That's not good--
The truth is if php is being run as nobody the person in charge of the server couldn't care less about security. A much better setup would be running under UID using suexec. It would be interesting to know if there is even an open base directory restriction in place... if there is not you can probably read everyone elses PHP files including DB connect details etc. Anyway one possible answer is to have your script open an FTP connection to the directory where you want to place the files. This will make the 0777 permission on the recieving directory unnecessary. Check out ftp_connect() (not a default function).