Access exposed to web directories for other virtual servers

When creating a new mailbox user in Virtualmin 3.31, the following option appears:

Allow access to web directories

In the list below, web directories appear system-wide, i.e. for other users that are not part of this virtual server. This appears to be a potential security hole, and at the very least, it exposes data about other clients.

Status: 
Closed (fixed)