I installed the drupal7 port but noticed that the webserver root (the drupal core files) were *all* owned by www:www Isn't this an enormous security risk to have apache being able to write in the core directorues of drupal7?