Changes

One of the problems with shared webhosting (i.e. different people with each his/her own webpages) is that modern script languages such as PHP, Python , or Perl are to too powerful. For example take the following PHP script:

With PHP you could use open_basedir to prevent this, but there are more ways. For example [http://mgeisler.net/php-shell/ PHP Shell], a script that is [http://mgeisler.net/downloads/phpshell/SECURITY often mis-used] by people with not-so-good intentions. Or think about the [http://www.f-secure.com/v-descs/santy_a.shtml Santy-worm] which mis-used phpBB. Again there is a solution in the form of safe_mode, but lots of PHP scripts break if you enable this. For Python, Perl , or CGI-scripts there are no easy ways and you have to use wrappers or other tricks to chroot these.