the directive to use in apache is:
create the custom php.ini in /var/www/webX/etc
set permissions to rw-r--r-- 0644 root:root so users cannot remove or edit.
(is it possible to put it in a folder out of the users web dir ?)
Add the follwowing line to this php.ini
Now users are chrooted to their own folder and even with a PHP filemanager they can't escape
I'm happy, diskquota's are working fine because of suphp and the security is better.