ISPConfig is great and all, when you're using it for yourself only, you don't need to worry about much. However, let's say I want to host customers sites, and most importantly, programs that require shell access... I've noticed that all my web* accounts can ready almost ANY file on the server. This is not safe. I'd like to have all shell accounts limited to their $HOME... I run Ubuntu if this matters any, but is there any way to restrict that to where only root has access to those files in / but users can't access anything outside of, say, /var/www/web1 web2, etc. Also a tip... listen to Till word for word. I made a fool of myself by not doing it (Thanks Till, I appreciate the help and attention you give everyone).
I do not know how to do this in Ubuntu, but for Debian we have this chrooted ssh howto. Also, have a look here: http://www.howtoforge.com/forums/showthread.php?t=8677&highlight=Ubuntu+chrooted
