I'll break this down into several options of what I'd find satisfactory and just pray that people have feedback.
Acceptable solution #1 - shell script that prompts for password
As I mentioned in the original post, when I log in via SSH and attempt to start a daemon process using sudo while a) backgrounding it and b) writing the output to a file then it doesn't work -- the password prompting somehow fails and when I try to type my password in, it appears as plain text which is not cool and the password is not routed to the prompt but rather interpreted as a command. FAIL.
Mac:server sneakyimp$ sudo php crossdomain_server.php > data/crosscomain_output.txt &
Mac:server sneakyimp$ Password:
-bash: omg_here_is_my_password: command not found
+ Stopped sudo php crossdomain_server.php > data/crosscomain_output.txt
An acceptable solution here would be the creation of a script that would either prompt me for a password and then call the sudo command for me OR write a script that I can just call using sudo so I am prompted for the password immediately and the contents of the shell script take care of backgrounding and routing output.
DOWNSIDES: Have to log in via SSH to start my daemon process. Really worried about root passwd ending up in a bash history file, possibly readable by other users on shared hosting environment. General security worries.
Acceptable solution #2 - securely hosted web page that prompts for password
I've seen things like cPanel and Webhost Manager that let you do things like restart mysql or restart apache or even reboot the server. I would love a situation where the webpage (HTTPS hosted of course) prompts the user for a passwd and then supplies it to an exec command. The problem is that sudo lets you specify the command but then prompts you for a password. As far as I know, exec and sudo don't really play nice together. This is the optimum solution because the PHP web form can only call sudo if the user supplies the right password. Unfortunately, I don't see how to get it to work.
DOWNSIDES: Does using "echo PASSWORD | sudo -S command" result in my root password ending up in a bash history file? This sounds insecure. How much of a security risk is it to temporarily write the root password to a file and use sudo -S to read password from the file?
Acceptable solution #3 - securely hosted web page with sudoer apache
I know you can add apache as a sudoer, but I'm really really concerned about giving apache any kind of sudo capability lest it be abused--especially if the access is NOPASSWD. I'm looking into how I can use the sudoers file, but would much prefer if the user must enter some kind of password AND if the sudoer privileges apply ONLY to one or two scripts.
DOWNSIDES: Security risk in giving sudoer privs to apache. Setting up this kind of privilege involves edits to the sudoers file and possibly other permissions changes I don't yet fully understand which will likely be very confusing to people trying to run my software.
Any feedback or suggestions are welcome.
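
The second approach from solution #1 (one script that is itself called with sudo and then handles backgrounding and output routing), as an added example that is not part of the original post. The script name `start_daemon.sh` and the log path are assumptions; the daemon file name is the one from the post.

```shell
#!/bin/sh
# Added example. Start it in the foreground, for instance:
#   sudo ./start_daemon.sh start
# sudo prompts on the terminal before anything is backgrounded, so the
# password is never a command-line argument and never reaches shell history.

DAEMON_SCRIPT="crossdomain_server.php"   # daemon named in the post
LOG_FILE="data/crossdomain_output.txt"   # assumed log location

# launch_detached LOGFILE CMD [ARGS...]
# Starts CMD detached from the terminal, appends its output to LOGFILE
# (kept owner-only) and prints the PID of the new process.
launch_detached() {
    log=$1
    shift
    (
        umask 077                          # log may hold sensitive output
        : >> "$log" && chmod 600 "$log" || exit 1
        # stdin from /dev/null: the daemon can never block waiting on the tty
        nohup "$@" >> "$log" 2>&1 < /dev/null &
        echo "$!"
    )
}

# True only when the script is already running with root privileges.
require_root() {
    [ "$(id -u)" -eq 0 ]
}

main() {
    if ! require_root; then
        echo "run as: sudo $0 start" >&2
        return 1
    fi
    pid=$(launch_detached "$LOG_FILE" php "$DAEMON_SCRIPT") || return 1
    echo "started $DAEMON_SCRIPT (pid $pid), output in $LOG_FILE"
}

# Only act when explicitly asked to, so the file can also be sourced.
if [ "${1:-}" = "start" ]; then
    main
fi
```

Because the password prompt belongs to the foreground `sudo` invocation, the `&` never competes with it for the terminal.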