Full Access to CGI

It seems that when running a Web Edition CGI on a computer, the application has full access to the whole computer. Is there any way to restrict access from a CGI to ‘see’ only from its directory down?

Depends on the OS. On a Mac (I think you are using) you have to create another user account and then essentially give it no access outside it’s home directory /Users/Username. This is very similar in Linux but chroot’s give you more flexibility. WE apps can also steal all the processing power of the box.

You can change the user / group on OS X using terminal if you really need to
Same as linux in that regard
You can use ACL’s to restrict things as well

Thank you Phillip and Norman.