Maldetect running from ssh under 'root'. As I know, ssh under 'root' is no under 'protected' from all commands.
So, in this case, not meaning able to access /home dir if running under web (via http://).
In latest version, Kloxo-MR already set 'open_basedir' only for '/home/<user>' for each user.