I do like the program. The concept is quite nice. But, I think you are hitting things in the wrong direction. You said you were "responsible" for the server. I take that to mean you are the admin. So, why would you have it set up such that people could read other's home dirs? Why wouldn't you chroot everyone and restrict their sphere's of influence? Or, at the least, set perms and masks such that read and execute are not allowed to other users.

I used to do UNIX admin on similar machines and we ALWAYS did this. We had some web apps (Perl & PHP) that we sold to some clients and not others. For the most part even the client that bought the program didn't get even read access to the source. I think you need to reassess the security of the box in general.