When I tried to su to apache, it didn't work. So, I took a look at /etc/passwd and found that the shell for apache was /bin/false. Is it a horrible security risk to change this to a real shell?