Well, it certainly sounds like a dangerous idea to begin with and I'd prefer sitting down and thinking through the whole strategy of what is trying to be achieved.

嗯，这听起来确实是一个危险的想法，我更愿意坐下来思考要实现的目标的整个策略。

The danger is privilege escalation of an executable script which a remote user could modify or upload, of course. Full chown/chmod in a web app is equivalent to just pasting your root password on the page.

当然，危险是远程用户可以修改或上传的可执行脚本的权限提升。Web 应用程序中的完整 chown/chmod 相当于将您的 root 密码粘贴到页面上。

What is it exactly which needs to happen?

究竟是什么需要发生？

If the chown needs to happen for some reason but not to root (we hope) then the functionality should be wrapped. I would take the user requests and queue them, then have a separate process (could be shell, php, perl, anything) running as root by cron check this queue, check to see if the request fit the allowed parameters, and make the changes.

如果 chown 由于某种原因需要发生而不是 root（我们希望），那么应该包装该功能。我会接受用户请求并将它们排队，然后通过 cron 以 root 身份运行一个单独的进程（可以是 shell、php、perl，任何东西）检查这个队列，检查请求是否符合允许的参数，并进行更改.

One way would be to set up sudo on your machine (assuming it's a Linux box). Sudo allows you to run commands elevated, governed by restrictions set forth in the sudoers.conf file. Use tight rules to limit its use to the required commands in a specific directory for the user your web service is running under (like www-data), and then call the command shell from your PHP script something like tis:

一种方法是在您的机器上设置 sudo （假设它是一个 Linux 机器）。Sudo 允许您运行提升的命令，受 sudoers.conf 文件中规定的限制。使用严格的规则将其使用限制在特定目录中为您的 Web 服务在其下运行的用户（如 www-data）所需的命令，然后从您的 PHP 脚本中调用命令外壳，例如 tis：

shell_exec("sudo chmod 777 dirname");

Do make sure that your sudo config is tight, to ensure that breaking out will be next to impossible.

一定要确保你的 sudo 配置很紧凑，以确保突破几乎是不可能的。

Perhaps you should look at the php commands: chmod, chown, chgrp and fileperms

也许你应该看看 php 命令：chmod、chown、chgrp 和 fileperms

chmod

修改

chmod("/somedir/somefile", 0600);