maybe a combination of chrooting, quota, no exec and removed binarys is a good way?:)
chroot to safe the rest of the maschine (yes, i know, chroot can be br0ken) quota to stops the user from compiling
? So you're not going to let them store data, or use lynx with cookies?
no exec for the ones who dunno how to exec a bin anyway ;)
then their chroot will be a bit broken if nothing can exec.
and removed binarys to restrict the possibilities (like no compiler etc.)
uploading stuff is possible through so many things (sed and awk!).
another way may be usermode linux .. for every user a own system ;) diskspace is not much expensive today ...and CPU etc. also ... and you can backup this linux from the master maschine so if somebody killed his box, just copy the files back ...
-Kurt