Appreciate the feedback guys. I basically plan to use Vmin / Webmin from now until infinity, warts and all 
So my current goal is to design the most secure base image / snapshot installation of Vmin that I can and then use that image to install all my future server… hence the security focus. (among other reasons)
I have some limited experience with jailkits…
I thought the primary benefit of jailkits was/is that you can prevent malicious actors from gaining sudo privileges, by only adding apps needed to run websites and nothing else into the jailkit.
So, I guess my question is…
How does using a normal Virtual Server, per user, prevent a malicious actor from hacking a random user’s Virtual Server and somehow gain access to the core server itself?
Or is the only way to truly achieve that level of security is by chrooting the Virtual Server?