And is it necessary? I've read a bunch of pages on it and I can't for the life of me actually figure it out, as opposed to what apache and just plain old php already do.
It starts php processes as the owner of the .php being executed. Apache + php by default are running as a pre-defined user in the apache config. (typically www-data, apache or httpd). If you have files that are owned by a specific user, or want to setup distinct permissions for multiple users' sites... you can create a user for each site, and set permissions in the directory structure based on each user... rather than ensuring the apache user/group have permissions to access the files.
For example... if I have a php file owned by "bob" and it makes changes in a directory with group/owner set to bob, ... the apache probably can't write to the directory unless the permissions bit-mask gives rwx to the directory and files. With suPHP, the php file is run under "bob"'s account rather than apache's account... and the script can do anything "bob" can.
It starts php processes as the owner of the .php being executed. Apache + php by default are running as a pre-defined user in the apache config. (typically www-data, apache or httpd). If you have files that are owned by a specific user, or want to setup distinct permissions for multiple users' sites... you can create a user for each site, and set permissions in the directory structure based on each user... rather than ensuring the apache user/group have permissions to access the files.
For example... if I have a php file owned by "bob" and it makes changes in a directory with group/owner set to bob, ... the apache probably can't write to the directory unless the permissions bit-mask gives rwx to the directory and files. With suPHP, the php file is run under "bob"'s account rather than apache's account... and the script can do anything "bob" can.