Ok I am using ISPConfig and are allowing people access to CGI and Shell

1) Can my customers use cgi to harm my system

2) Can my customers use shell access to harm my system

Thanks

1) Can my customers use cgi to harm my system

Yes, if you done use SuExec.

2) Can my customers use shell access to harm my system

Yes. I would not give users shell access unless you recompile your SSHD to ebale chrooting of shell users and create chrooted accounts for your shell enabled users.

Olease have a look at this howto:
http://www.howtoforge.com/chrooted_ssh_howto_debian

Ok is SuExec covered by the perfect stup guide, or used by default on suse 10.

IF not to both how do I use it and set it up

Thanks

Ok is SuExec covered by the perfect stup guide, or used by default on suse 10.

No. But you can enable suExec in ISPConfig under management > server > settings.

IF not to both how do I use it and set it up

I dont know of a howto for SuSe for chrooting SSH users. Maybe google a bit or try to adapt the DEBIAN howto.

Ok is SuExec covered by the perfect stup guide, or used by default on suse 10.

During ISPConfig installation you must specify /srv/www as ISPConfig's document root instead of /home/www because SuSE's suExec is compiled with /srv/www as document root. Have a look at the suExec section on http://www.howtoforge.com/perfect_setup_suse_9.3_p6
And then, you have to enable suExec in ISPConfig, as Till said.

OK.. thanks... small problem though can I re-run the SuExec and specify that /home/www is the default folder... or change a config file somewhere.... rather than re-installing ISPC to change the web folder.

Thanks

SuExec is compiled into apache, it is not configured in a config file. If you dont want to change your web root you will have to recompile your apache webserver and set the correct web-root as configure parameter.