What is the safest way to achieve storing a config file into /etc after entering the settings on a php application running in Apache2 ?
I have a daemon reading its config at startup from a file I stored into /etc/mydaemon/main.conf (thought it was the best place to store its settings).
Now I want to have a php application allowing users to change its setup via elegant webpages. But how can I get the rights to write/overwrite this file without compromising the server's security?
If the Apache user (www-data) can write or modify /etc all the system is compromised.
If any user of the PHP application can change the demon's configuration the behaviour may be a mess. You told about "users", changing simultaneously that config file.
As @quentin says use a database if you need persistence; or an application file (not in /etc or other system directory).