@khromov
For example, if a user gains read/write rights to the folder for site1.com, will the user be able to escalate this to site2.com as well, hosted on the same server?
As of now EasyEngine create all sites using www-data
user, so if anyone has read/write permission for www-data
user then that can easily access other site.
This feature/security will be implemented in shared-hosting model. You can see the update at https://github.com/rtCamp/easyengine/issues?milestone=9&state=open
Also EasyEngine can provide the number of security features like
block all the log files and readme.txt readme.html
Limited access to the wp-config.php to avoid brute-force attack