If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
(PHP 4, PHP 5, PHP 7, PHP 8)
chown — 改变文件的所有者
尝试将文件 filename
的所有者改成用户
user
(由用户名或用户 ID 指定)。
只有超级用户可以改变文件的所有者。
filename
文件路径。
user
用户名或数字。
示例 #1 简单的 chown() 用法
<?php
// 要使用的文件名和用户名
$file_name= "foo.php";
$path = "/home/sites/php.net/public_html/sandbox/" . $file_name ;
$user_name = "root";
// 设置用户
chown($path, $user_name);
// 检测结果
$stat = stat($path);
print_r(posix_getpwuid($stat['uid']));
?>
以上示例的输出类似于:
Array ( [name] => root [passwd] => x [uid] => 0 [gid] => 0 [gecos] => root [dir] => /root [shell] => /bin/bash )
If chown is filled with a variable ( chown ("myfile", $uid) the uid will be looked up through pwget_uid.
So if you need to set a non existing uid use inval($uid).
I've only tested this on Solaris 10 so your mileage may vary.
To allow the apache daemon to change file ownership without being root, add the following line to /etc/system:
set rstchown=0
Reboot the server.
There are security concerns doing this as this modification allows any user to change ownership of their files to anyone else.
If you want to chown a symlink, PHP will follow the symlink and change the target file.
If you want to chown the symlink, you have to use shell_exec("/bin/chown user.group symlink");
If you allow sudo execution for chmod by "nobody" (www, webdaemon, httpd, whatever user php is running under)in this manner, it had better be a system on which the owner is able to be root and no one else can run code, else your whole system is compromised. Someone could change the mode of /etc/passwd or the shadow password file.
Other system commands (sudo mount) and so forth are similar.