Notes:
I think it is fairly important that some best practices be established from the beginning of UML being deployed as a honeypot or jail. An early embarassing security fiasco would hurt for a long time to come.
A good way to make sure this happens is to make the default jail/honeypot setup practice the current state of the art of UML security. This would take the form of a UML jail kit which implements those practices and is sufficiently easy to set up that it appeals to peoples' laziness and flexible enough that it can be adapted to whatever purposes they intend to put it to.