Firstly, I'm wondering what is the best way to isolate Apache's vhosts from each other. I suppose this has something to do with the Linux filesystem as well, since it's not a good practice to have folders (and files) like /var/www/site1.com/public_html and /var/www/site2.com/public_html under the same Linux user/group.
I found this similar post: Isolating Apache virtualhosts from the rest of the system, but noticed this is about isolating the vhosts from the system. A good practice, but not what I meant.
I don't want any possible way that site1.com can access files of site2.com and, if possible, also nothing unnecessary from the filesystem other than its own directory and subdirectories.
Secondly, what is the influence of chmod on the user rights? Let's say both sites run in their own user and user group. But site1.com has one file or directory with the chmod rights 777. Will site2.com be able to use that file/directory?
Not the best solution, but maybe part of it, and the simplest: use suExec.
With suExec, you can easily assign a different Unix user for every vhost, for instance (the most common scenario). If you take care of having those users' homes private (mode 0700), that's a pretty good isolation for a start.
They are not chrooted, and will still share /tmp, see other processes running and such. But you will be at least one level above the vast majority of awfully configured LAMP servers.
There are also some technical pros/cons:
Regarding your second question: using private homes, you get what you want (chmod 0700 ~toto), BUT the user itself might make its own home public and even globally writable if she so wishes (running chmod 0777 ~toto). Thus it depends on the trust you put in the server's users and apps.
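As an added illustration (not part of the original answer), the following audit lists what a user outside the owner and group can reach under a vhost home, showing how a 0777 file behaves when the home is 0700 versus 0755. The function names and the site1.com/public_html/upload.php layout are constructed for this example; it looks only at classic mode bits below the given root, not at ACLs or parent directories.

```python
import os
import stat
import tempfile


def exposed_to_others(vhost_root):
    """Relative paths under vhost_root usable by a user who is neither
    the owner nor in the group (the "other" permission class)."""
    exposed = []
    root_mode = os.lstat(vhost_root).st_mode
    if root_mode & stat.S_IRWXO:
        exposed.append(".")
    if not root_mode & stat.S_IXOTH:
        return exposed  # no o+x on the root: nothing below it is reachable
    for dirpath, dirnames, filenames in os.walk(vhost_root):
        reachable = []
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            mode = os.lstat(full).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode is not what grants access
            if mode & stat.S_IRWXO:
                exposed.append(os.path.relpath(full, vhost_root))
            if stat.S_ISDIR(mode) and mode & stat.S_IXOTH:
                reachable.append(name)
        dirnames[:] = reachable  # prune subtrees others cannot traverse
    return sorted(exposed)


def demo():
    """Constructed layout: one 0777 file inside a vhost home, audited
    with the home private (0700) and then opened up (0755)."""
    with tempfile.TemporaryDirectory() as base:
        home = os.path.join(base, "site1.com")
        docroot = os.path.join(home, "public_html")
        os.makedirs(docroot)
        os.chmod(docroot, 0o755)
        upload = os.path.join(docroot, "upload.php")
        open(upload, "w").close()
        os.chmod(upload, 0o777)
        os.chmod(home, 0o700)
        private = exposed_to_others(home)
        os.chmod(home, 0o755)
        public = exposed_to_others(home)
        return private, public


if __name__ == "__main__":
    print(demo())
```

Run against each vhost home from cron or a deployment check, a non-empty result points at the entries that would let another site's user in.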