If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
(PHP 4, PHP 5, PHP 7, PHP 8)
chown — Changes file owner
Attempts to change the owner of the file filename
to user user
. Only the superuser may change the
owner of a file.
filename
Path to the file.
user
A user name or number.
Example #1 Simple chown() usage
<?php
// File name and username to use
$file_name= "foo.php";
$path = "/home/sites/php.net/public_html/sandbox/" . $file_name ;
$user_name = "root";
// Set the user
chown($path, $user_name);
// Check the result
$stat = stat($path);
print_r(posix_getpwuid($stat['uid']));
?>
The above example will output something similar to:
Array ( [name] => root [passwd] => x [uid] => 0 [gid] => 0 [gecos] => root [dir] => /root [shell] => /bin/bash )
Note: This function will not work on remote files as the file to be examined must be accessible via the server's filesystem.
Note: On Windows, this function fails silently when applied on a regular file.
If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
I've only tested this on Solaris 10 so your mileage may vary.
To allow the apache daemon to change file ownership without being root, add the following line to /etc/system:
set rstchown=0
Reboot the server.
There are security concerns doing this as this modification allows any user to change ownership of their files to anyone else.
If you want to chown a symlink, PHP will follow the symlink and change the target file.
If you want to chown the symlink, you have to use shell_exec("/bin/chown user.group symlink");
If you allow sudo execution for chmod by "nobody" (www, webdaemon, httpd, whatever user php is running under)in this manner, it had better be a system on which the owner is able to be root and no one else can run code, else your whole system is compromised. Someone could change the mode of /etc/passwd or the shadow password file.
Other system commands (sudo mount) and so forth are similar.