"The safe_mode directive is intended to provide file access limits to prevent users from accessing files that do no belong to them.
This supposedly should make it impossible to access files of other people in a shared server environment, a common operating environment for PHP where PHP runs as an Apache module and as such has read access to all files accessible by the webserver regardless of the owner.
When enabled, safe_mode will perform a uid/gid (user id and group id) check on the file/directory to be accessed and compare it to the uid/gid of the script that is trying to access the file. If the two match then the file operation will proceed as normal and in all other cases it will fail.
In theory this is a fairly simple hack to a problem that is not otherwise easily addressed without significant performance penalties such as running PHP in CGI mode, whereby the scripts are executed under the user's own user/group id.
So is the real solution to the problems of permissions for file access on shared hosts. By far the best solution is to give each user a virtual server, on which they are an admin. This means effectively creates a separate system for that user, that is completely independent from other users on the system. Virtual servers are surprisingly efficient configurations because in the end users tend to run the same binaries that share the same memory space.
Another alternative is to use CGI or more efficient Fast-CGI in combination with security permissions (umask) that would prevent files created by the user from having a world read and have them owned by the Apache group. A simpler trick could be setting a 711 mask on user directories preventing the listing of files in those directories making file retrieval by unauthorized users extremely difficult.
The last security measure can be found in PHP itself and is called open_basedir. This INI directive allows you to restrict file accesses of a particular user to a series of directories."