The Apache user account should be allowed root privileges as appropriate.
(1) allowed/not allowed
(1) via /etc/passwd
L1 4. Create the Apache Web User Account p11
1.6 Creating the Apache User and Group Accounts p14
CIS Apache Benchmark for Unix v1.7 For Apache Versions 1.3 and 2.0
CIS
2007-07-01
Version 1.7
Prose (PDF)
Security Configuration Benchmark For Apache Web Server
CIS
2008-11-01
Version 2.2.0
Prose (PDF)