Is it necessary to run miltiple uWSGI web-sites with different users?

Question

In the docs they say:

The customers’ applications can now be run (using the process manager of your choice, such as rc.local, Running uWSGI via Upstart, Supervisord or whatever strikes your fancy) with a different uid and a limited (if you want) address space for each socket:

Is it really necessary to do this? If yes - why?

Answer 1

It is a general security rule. Immagine one of your app being compromised, if it runs with the same permissions of the others it will be potentially able to damage them as well.