What exactly does SuPHP do?
And is it necessary? I've read a bunch of pages on it and I can't for the life of me actually figure it out, as opposed to what apache and just plain old php already do.
Solution 1:
It starts php processes as the owner of the .php being executed. Apache + php by default are running as a pre-defined user in the apache config. (typically www-data, apache or httpd). If you have files that are owned by a specific user, or want to setup distinct permissions for multiple users' sites... you can create a user for each site, and set permissions in the directory structure based on each user... rather than ensuring the apache user/group have permissions to access the files.
For example... if I have a php file owned by "bob" and it makes changes in a directory with group/owner set to bob, ... the apache probably can't write to the directory unless the permissions bit-mask gives rwx to the directory and files. With suPHP, the php file is run under "bob"'s account rather than apache's account... and the script can do anything "bob" can.