What are the security implications of running composer as the `www-data` user related to PHP/apache/nginx? [duplicate]

问题

This question already has answers here:

What permissions for PHP scripts/directories? (6 answers)

What are the best practices setting file permissions for a PHP website on Apache2/Linux (LAMP)? (1 answer)

Closed 13 days ago.

According to the discussion at What directories and permission does php composer require?

Composer should not be run as the www-data related to the PHP process.

What are the security implications of this? Doing a web search for "php composer user security" does not seem to show me any relevant results.

来源：https://stackoverflow.com/questions/65940925/what-are-the-security-implications-of-running-composer-as-the-www-data-user-re