diff --git a/install/sql/incremental/upd_0015.sql b/install/sql/incremental/upd_0015.sql
new file mode 100644
index 0000000000000000000000000000000000000000..e0aa23afd6a82385ef09f037ebcac82bafdb67c9
--- /dev/null
+++ b/install/sql/incremental/upd_0015.sql
@@ -0,0 +1,3 @@
+ALTER TABLE  `cron` CHANGE  `command`  `command` TEXT NOT NULL;
+ALTER TABLE  `client` ADD  `limit_openvz_vm` int(11) NOT NULL DEFAULT '0' AFTER  `limit_mailmailinglist` ,
+ADD  `limit_openvz_vm_template_id` int(11) NOT NULL DEFAULT '0' AFTER  `limit_openvz_vm`;
\ No newline at end of file
diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql
index 93793cfa03fb312e707f2d0283107de31640eb37..498d86b1cd82b1490a123172ca53f8cc332cf902 100644
--- a/install/sql/ispconfig3.sql
+++ b/install/sql/ispconfig3.sql
@@ -130,6 +130,8 @@ CREATE TABLE `client` (
   `limit_traffic_quota` int(11) NOT NULL DEFAULT '-1',
   `limit_client` int(11) NOT NULL DEFAULT '0',
   `limit_mailmailinglist` int(11) NOT NULL DEFAULT '-1',
+  `limit_openvz_vm` int(11) NOT NULL DEFAULT '0',
+  `limit_openvz_vm_template` int(11) NOT NULL DEFAULT '0',
   `parent_client_id` int(11) unsigned NOT NULL DEFAULT '0',
   `username` varchar(64) DEFAULT NULL,
   `password` varchar(64) DEFAULT NULL,
@@ -222,7 +224,7 @@ CREATE TABLE `cron` (
   `server_id` int(11) unsigned NOT NULL default '0',
   `parent_domain_id` int(11) unsigned NOT NULL default '0',
   `type` enum('url','chrooted','full') NOT NULL default 'url',
-  `command` varchar(255) NOT NULL,
+  `command` TEXT NOT NULL,
   `run_min` varchar(100) NULL,
   `run_hour` varchar(100) NULL,
   `run_mday` varchar(100) NULL,
diff --git a/interface/web/vm/form/openvz_vm.tform.php b/interface/web/vm/form/openvz_vm.tform.php
index 0077ef28d39758252a0e601098054c0d9526e25f..3a93fb1f06832f4509c654ad3fbc6ddbc8de542d 100644
--- a/interface/web/vm/form/openvz_vm.tform.php
+++ b/interface/web/vm/form/openvz_vm.tform.php
@@ -164,6 +164,7 @@ $form["tabs"]['main'] = array (
 	)
 );
 
+if($_SESSION["s"]["user"]["typ"] == 'admin') {
 $form["tabs"]['advanced'] = array (
 	'title' 	=> "Advanced",
 	'width' 	=> 100,
@@ -292,6 +293,7 @@ $form["tabs"]['advanced'] = array (
 	##################################
 	)
 );
+}
 
 
 ?>
\ No newline at end of file
diff --git a/interface/web/vm/lib/module.conf.php b/interface/web/vm/lib/module.conf.php
index 5d0e2c80a7e5dd143a0ba8eb76bc502e4a89dd00..6d0ffec717ebbe052ceb6fdc80f546f55d558c73 100644
--- a/interface/web/vm/lib/module.conf.php
+++ b/interface/web/vm/lib/module.conf.php
@@ -14,6 +14,7 @@ $items[] = array( 'title' 	=> 'Virtual Servers',
 				  'link'	=> 'vm/openvz_vm_list.php',
 				  'html_id' => 'openvz_vm_list');
 
+if($_SESSION["s"]["user"]["typ"] == 'admin') {
 $items[] = array( 'title' 	=> 'OS Templates',
 				  'target' 	=> 'content',
 				  'link'	=> 'vm/openvz_ostemplate_list.php',
@@ -28,7 +29,7 @@ $items[] = array( 'title' 	=> 'IP addresses',
 				  'target' 	=> 'content',
 				  'link'	=> 'vm/openvz_ip_list.php',
 				  'html_id' => 'openvz_ip_list');
-
+}
 if(count($items))
 {
 	$module['nav'][] = array(	'title'	=> 'OpenVZ',
diff --git a/interface/web/vm/openvz_ip_del.php b/interface/web/vm/openvz_ip_del.php
index ce4ce276eb920ed09ebe4bcab9ae373fcf057d9e..bd97041be1fd6d4cec67f055d364a109458afb8e 100644
--- a/interface/web/vm/openvz_ip_del.php
+++ b/interface/web/vm/openvz_ip_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 $app->uses('tpl,tform');
 $app->load('tform_actions');
diff --git a/interface/web/vm/openvz_ip_edit.php b/interface/web/vm/openvz_ip_edit.php
index 7a792448ef361cc4f00063e39451a6ddf7e214aa..8fbd0f27213f94ba6f2cf65c946a6d9a90fa27ae 100644
--- a/interface/web/vm/openvz_ip_edit.php
+++ b/interface/web/vm/openvz_ip_edit.php
@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 // Loading classes
 $app->uses('tpl,tform');
diff --git a/interface/web/vm/openvz_ip_list.php b/interface/web/vm/openvz_ip_list.php
index 7f67ceca42b5ba56ba82a714915f7341588970bd..2a637880765e3e9e127e6beb08c531b0bd248cb2 100644
--- a/interface/web/vm/openvz_ip_list.php
+++ b/interface/web/vm/openvz_ip_list.php
@@ -43,6 +43,7 @@ $list_def_file = "list/openvz_ip.list.php";
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 $app->uses('listform_actions');
 
diff --git a/interface/web/vm/openvz_ostemplate_del.php b/interface/web/vm/openvz_ostemplate_del.php
index dec96f541877e923beb3f065f6cbb237e2dcfec0..cc54dbd50f1faea82fd6c30dcbcce9cb2d89373d 100644
--- a/interface/web/vm/openvz_ostemplate_del.php
+++ b/interface/web/vm/openvz_ostemplate_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 $app->uses('tpl,tform');
 $app->load('tform_actions');
diff --git a/interface/web/vm/openvz_ostemplate_edit.php b/interface/web/vm/openvz_ostemplate_edit.php
index 09a959811c876e416cb84cf03310c85b1c3e8add..697ab4cbda6e0cf4178882e6743beb757ae7ac21 100644
--- a/interface/web/vm/openvz_ostemplate_edit.php
+++ b/interface/web/vm/openvz_ostemplate_edit.php
@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 // Loading classes
 $app->uses('tpl,tform');
diff --git a/interface/web/vm/openvz_ostemplate_list.php b/interface/web/vm/openvz_ostemplate_list.php
index f6f2a70622a621f47f69c299fd26a7d8f6f56a52..00d2ee4d94b0c575df81663f81c49b0f68820e4c 100644
--- a/interface/web/vm/openvz_ostemplate_list.php
+++ b/interface/web/vm/openvz_ostemplate_list.php
@@ -43,6 +43,7 @@ $list_def_file = "list/openvz_ostemplate.list.php";
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 $app->uses('listform_actions');
 
diff --git a/interface/web/vm/openvz_template_del.php b/interface/web/vm/openvz_template_del.php
index 3b672e7dd6665db9d3c96403a4b0965e0681ef24..09584e35204f4b8e3d0fc89ec2b9f3aaa4fa5e1a 100644
--- a/interface/web/vm/openvz_template_del.php
+++ b/interface/web/vm/openvz_template_del.php
@@ -44,6 +44,7 @@ require_once('../../lib/app.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 $app->uses('tpl,tform');
 $app->load('tform_actions');
diff --git a/interface/web/vm/openvz_template_edit.php b/interface/web/vm/openvz_template_edit.php
index 2c1247a29976f2e0f8abe5409062c1e5a22e8787..c0740022ccf762c2f875995201f0aaa86b7a498c 100644
--- a/interface/web/vm/openvz_template_edit.php
+++ b/interface/web/vm/openvz_template_edit.php
@@ -43,6 +43,7 @@ require_once('../../lib/app.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 // Loading classes
 $app->uses('tpl,tform');
diff --git a/interface/web/vm/openvz_template_list.php b/interface/web/vm/openvz_template_list.php
index 0f47764316969bf504416d83b0070040cf962bf8..15bd9075e67854a2946e9416815f84f8c4fc5256 100644
--- a/interface/web/vm/openvz_template_list.php
+++ b/interface/web/vm/openvz_template_list.php
@@ -43,6 +43,7 @@ $list_def_file = "list/openvz_template.list.php";
 
 //* Check permissions for module
 $app->auth->check_module_permissions('vm');
+if($_SESSION["s"]["user"]["typ"] != 'admin') die('permission denied');
 
 $app->uses('listform_actions');
 
diff --git a/server/cron_daily.php b/server/cron_daily.php
index d8a7b647c22898deb2177fa0179c0aa38661a459..c62923b5f2875461110fc35fcb40c8b6233b2c03 100644
--- a/server/cron_daily.php
+++ b/server/cron_daily.php
@@ -501,12 +501,19 @@ if($backup_dir != '') {
 				$web_group = $rec['system_group'];
 				$web_id = $rec['domain_id'];
 				$web_backup_dir = $backup_dir.'/web'.$web_id;
-				if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0755);
-				
-				chmod($web_backup_dir, 0755);
-				chown($web_backup_dir, 'root');
-				chgrp($web_backup_dir, 'root');
+				if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0750);
+				chmod($web_backup_dir, 0750); 
+				if(isset($server_config['backup_dir_ftpread']) && $server_config['backup_dir_ftpread'] == 'y') {
+					chown($web_backup_dir, $rec['system_user']); 
+					chgrp($web_backup_dir, $rec['system_group']);
+				} else {
+					chown($web_backup_dir, 'root');
+					chgrp($web_backup_dir, 'root');
+				}
 				exec('cd '.escapeshellarg($web_path).' && sudo -u '.escapeshellarg($web_user).' find . -group '.escapeshellarg($web_group).' -print | zip -y '.escapeshellarg($web_backup_dir.'/web.zip').' -@');
+				chown($web_backup_dir.'/web.zip', $rec['system_user']); 
+				chgrp($web_backup_dir.'/web.zip', $rec['system_group']);
+				chmod($web_backup_dir.'/web.zip', 0750);
 				
 				// Rename or remove old backups
 				$backup_copies = intval($rec['backup_copies']);
@@ -527,7 +534,9 @@ if($backup_dir != '') {
 				// Create backupdir symlink
 				if(is_link($web_path.'/backup')) unlink($web_path.'/backup');
 				symlink($web_backup_dir,$web_path.'/backup');
-				chmod($web_path.'/backup', 0755);
+				// chmod($web_path.'/backup', 0755);
+				chown($web_path.'/backup', $rec['system_user']); 
+				chgrp($web_path.'/backup', $rec['system_group']);
 				
 			}