webapps running as plain user instead of www-data ?
webapps-common draft states in 3.2.1  that config files
modifiable by the application must belong to www-data group.
Since now it's easy (with e.g. spawn-fcgi) to setup fastcgi
backends as a plain user, web apps don't have to be run as
Potential benefits :
- one application can't access sensible files of another
application running as www-data.
- provides an easy way to limit resource usage by
each web app, since it's bound to one user.
Along these lines, i wonder if a common scheme for user naming
could be defined (something like www-data-mywebapp).
Any opinions about that ?