Welcome to Dreamhost! I'm glad to see your thread on "The mother of all pre-sales inquiries" answered enough of your questions for you to feel comfortable giving DH a try.
I'll try to answer your question(s) as best I can, but be fore-warned that I do not consider myself to be an expert on nix server security. There are *many on this forum that know a lot more about this than I; I hope they will jump in to help should I give "less than stellar" advice. That said, since you addressed a particular question to me, I'll share what I (think I) know.
I don't know that I would go so far as to "suggest" it, but I did point out to another poster that this would help to obfuscate where the files that are associated with a domain are stored. I don't think much of "security by obscurity" as a general security philosophy, but there is some truth to the argument that each obstacle placed in the path of an intruder has some deterrent value.
Granted if only one domain is stored in your user space, it is trivial for an "explorer" to determine which domain's files name (which he identified by inspecting /home/username/logs listing) are stored in "foo", but it would take considerably more persistance for that same explorer to wade through 200 or 2000 "foo" files trying to locate the files for a given domain. Does that make any sense?
Actually, if you rename /home/user/logs to something else, the next time the server goes to write to the log files it will recreate the /home/user/logs directory and start new logs there for all your domains instead of auto-directing to your renamed directory. The control panel does not have a way for you to change this behavior.
I don't know that it is advisable to do that with all files - after all, anything you want to be viewable to the public is already available via http, right? I generally set directories to 755 and the "public" files to 644, though CGI executables need to be 755 to run properly under suexec. I also tighten down things like PHP config files, .htacess, .htpasswd, etc. as far as possible for the circumstances (in addition to trying to keep them stored above the web accessible directories.
That strategy has worked for me. I have hosted a lot of sites here over the years and the only real "exploit" I have suffered was one occurrence a long time ago where I foolishly (lazily) "moved" a client's existing site, complete with an operative but insecure formmail script, onto the server without thoroughly vetting the script. I learned my lesson, and won't be doing anything like that again.
I'm sorry, I don't really know the correct answer to that question (though I suspect someone here that does might chime in!).