Some hosters are using the open_basedir restrictions because they think this makes hosting somewhat more secure. Well normally it is not because a hoster in need to enable it often shows that the system is not properly configured in respect of the file-access-rights. A properly configured system would not need PHP to handle restrictions. And often open basedir can be tricked because of flaws in the implementaiton – at least those problems were reported in the past.
Anyway, the funny thing is, that a strong source of randomness often isn’t available any longer when those hosters configure the open_basedir restriction: /dev/urandom .
For example with something like WordPress and phpass, they just do not benefit any longer of it, if it was forgotten to allow access to it.
In for the security or in for the obscurity?