Some of my users have requested access to a mysql database. I have mysql installed and running for a forum. My main concern is security. Would I simply create a new seperate database for each user? and then create a seperate mysql account user for each user and give them access to that newly created database? a brieft howto or doc or steps here would be nice.. thanks

In the interests of secruity of the database, you should first determine what kind of access the users want.

Do they want to run queries (read only access) or do the want to make new entries or make changes to existing entries (read-write access)? Then limit their respective access priviledges according to the needs of each user.

I would say most users want read/write access. Having said that, should each user have their own database? if i had one single database for all users then it would be kinda messy I think.

That depends largely on the size of the database.
If you are not hard pressed for disk storage space, then each user could have a copy of the database. If you have the means of synchronizing the several copies into one master, then you could maintain the master as the reference source which they can read but not write to, but which they can copy (or be provided a copy at regular interval) to work with.

If I understand you correctly, some users want you to host their database(s) on your server.

If your main business is not hosting or database providing, I would not do it. Mostly as it will give you extra work and users might be able to slow down your forum (the server) by running complicated queries on huge tables. Or fill up the partition where the databases reside and your forum might not work any longer.

With regards to the security:

Usually each user has its own database. One of the reasons that you can think of is that they need to be able to modify the table structure. You don't want user A to modify the structure of a table created by user B. You can prevent that with access rights for each table but that implies that the database administrator has to maintain those rights which might be a lot of work.
So give each user his/her own database with all privileges (except for grant option) on that database.

Some additional stuff to think about:

How are the users going to access the database? Remote access to the database (running a mysql-client over the internet), commandline on the server, webpages or ....? The first one is a security risk as the whole world will be able to attack the mysql server. The second one implies ssh access to your server and you have to make sure that you jail them to their home directory (else you have a security risk again). So basically leaves the third one which you might have to work out.

For what are the users going to use their database? Websites? Just to learn (my)sql? This will define if logins need to be created, apache configuration etc.

What about backups. I doubt very much that you want to be responsible for backups of the databases of the other users. So a mechanism needs to be in place for that.