C. (http://symcbean.blogspot.com/) wrote:
> On 1 May, 22:06, salmobytes <by...@salmo.net> wrote:
>> Is running php as a cgi and then wading through all the
>> suexec pitfalls the only alternative to 777 permissions?
>
> No you could upload to a staging area then use a seperated privilege
> program (setuid, sudo, cron job) to publish the files.
>

I suppose I could write a (carefully-written) setuid c-program,
that does the chown, and invoke that.

I'm not sure I want to allow the apache process to chown with sudo.
That sounds like a dangerous can of worms.
Cron would fine, but then you have to wait.

This is for a classroom setting. I think I'll give up on the upload
script and force them to use ftp. Eventually they'll learn how
to use ssh and a server-side text editor.