Hi everyone,
There is, I think, a big security problem: scripts are running under apache user. Due to that fact if someone decided to write a script in php, for example, so as to do uploads, the files will not be his but apche user ones. Is there any thing so as to prevent it? I think about suPhp which seems to be a good solution...

Cordialy,

Yayien

Please use forum search. There are already some threads concerning suPHP.
I haven't tried it yet, but it should not be hard to use suPHP if you correctly configure your server. This should not need any changes in ISPConfig.

As Oliver already stated. This is not an ISPConfig issue, it is a question how you configure your server. You can use either suPHP or SuEXEC + CGI-PHP to run PHP scripts under the web user.