I need a technical document instructing me how to setup a secure multi-user environment on Debian where each user will have access to run their own sites using Apache and PHP5 (but no other scripts), with access to mySQL and FTP.
Users must be able to run PHP5 scripts through their Apache virtual host, connect to the mySQL database running on the server, and use FTP in their home dir. Users must not be able to access any other users files, or system files, through Apache, PHP5, or FTP, and must not be able to access any data other than their own through mySQL. Users must not be able to access any other resources (scripts, applications, etc., on the server.
The solution will ideally use the least system resources possible, while ensuring total security.