All of this daemon writing makes me curious as to how difficult it would be to write a webserver in PHP that served only PHP documents. Some Apache handler magic could forward any request normally handled by the PHP module to this daemon. The daemon would then setup an environment, determine which user it should become based on path and/or domain name, clean itself of any sensitive data, change uid to the selected user, and include the PHP script. All sorts of fun stuff could be done this way like automatic conditional GET support, automatic GZIP encoding, and much more. It would be more secure (provided there were no big holes in the daemon, of course) because it would run as the user instead of as www-data, and would provide a whole host of new features.
Hmmmmm. Interesting.
There are a couple of webservers written in PHP available today… but, as best as I can tell, they don't change users, and they don't actually support PHP as anything other than a CGI (odd?).
