User accounts for applications
Currently it seems that many applications are running under apache.
This gives the apache user quite a swathe of permissions to a lot of the system.
It might be wiser for each application to be under it's own user account, limiting what damage someone could do if the server was compromised
Also available in: Atom