A.1.1 If a shared hosting provider allows entities (for example, merchants or service providers) to run their own applications, verify these application processes run using the unique ID of the entity. For example:
- No entity on the system can use a shared web server user ID
- All CGI scripts used by an entity must be created and run as the entity’s unique user ID