not sure there is a secure method ? , you could setup another webserver (not apache) with root privileges, or a small socket server in PHP/whatever run as root to parse commands sent from localhost only, you could also play with sudoers file?
MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)