PHP runs under the security context of the webserver. On Ubuntu it's www-data, on CentOS it's apache.
You'll need to set group/owner correctly on the files/folders you want PHP to have access do, depending on the need. You could use mod_suexec but I wouldn't recommend that.
I'd recommend looking at installing Suhosin to compensate for some of the PHP security flaws.
Modules I use:
eAccelerator - PHP optimization and caching, http://eaccelerator.net/
Suhosin - PHP security module, http://www.hardened-php.net/suhosin.127.html
mod_deflate - Gzip content on the fly for HTTP 1.1 clients, http://httpd.apache.org/docs/2.2/mod/mod_deflate.html
mod_evasive - Protection from misbehaving clients and DoS attacks, http://www.zdziarski.com/projects/mod_evasive/
mod_security - Protection from script kiddies and bots, http://www.modsecurity.org/
with select rules from http://www.gotroot.com/
Applications I use:
fail2ban - Ban clients after 10 404's or auth fails, http://fail2ban.sourceforge.net/