One of the more frustrating things about working on a shared server is trying to keep it secure while still giving users some flexibility in their environments. Stuart Herbert has continued his series looking at combating issues like this with this look at installing suexec to secure a shared server.
The challenge with securing a shared hosting server is how to secure the website from attack both from the outside and from the inside. PHP has built-in features to help, but ultimately it's the wrong place to address the problem.
His guide steps through the entire process - getting the software, configuring Apache (with the PHP/CGI installation) and configuring suexec, both for the default install and then for the shared server settings. There's even a few brief benchmarks showing the speed of execution for scripts with and without the suexec environment.