Secure hosting with PHP and perl

How can I make a secure hosting with PHP ?
So, whats the problem ?
mod_php executes with apache's permissions
(usualy apache.apache or nobody.nobody)
and everybody can see scripts and datas of other
users. Suexec doesn't solve the problem, because
suexec works only with CGI scripts.
Is there any other solution, or I must use perl and php instead of mod_php and mod_perl?
Is somebody made some changes on Apache source to use setuid
without suexec?

I have never used suexec. But if all it requires is executing a cgi script, just call you php script as a cgi script. first add #!/path/php as the first line of your script and make you php script executeable. I hope this helps.

Well, there's the perl Module CGI::SpeedyCGI which achieve something
similar to mod_perl, but out of the apache box. it runs via a backend process connected to a local socket called on each request.
under suexec it's one's own uid. the perl modules are loaded only once, and variables retain their values at the beginning of the scripts like in mod_perl.

It's unlikely suexec will change on apache anytime soon. If you read the apache and suexec sources, you'll see it's tied to many other parts that take it for granted.
another reason is that changing this model would whipe out all the security
development effort already put in suexec for the last 7+ years.
When rightly configured, suexec is the best privacy/security enhancing feature.
that also make it simple compared to complicated directory/extensions declarations etc. simplicity=security because less likely to break with a sandgrain-in-the-gears.

URL supports SpeedyCGI,
as well as php, ssl, mod_perl and a bunch
of libraries.

Boris