The point to apache having its own account is that it, as well as a bunch of other dummy users, [cat /etc/passwd] and see how many fake users are there, will not have things like a passworded account, or a shell, or a number of other abilities that would be a headache for them to have if some 3l33t |-|aX0r got access to the account.
Hope that makes sense.
Cheers,
Finegan
|