Real WEBROOT Protection
Even if Simple WEBROOT protection is enabled, other users can bypass it
and still access all the files within your document root. It is not
possible to have Real WEBROOT Protection without mod_phpsuexec because
the same user that needs access to serve your static pages (nobody) is
the same user that other users on the machine are allowed to execute
arbitrary code using php scripts. Trying to restrict users using
open_basedir might help a little, but it doesn't stop the user from
executing arbirary code in another language (like perl) and obtaining
total access to your web documents and scripts.