The Web server runs under the user groups and users of www-data:www-data. to which user groups and users should php programs be set to ensure security?

  question

If the combination of Nginx and PHP-FPM is good, how to set up user groups and users of PHP programs to ensure the safety of program execution?

Set up individual users and user groups. Php-fpm has nothing to do with the users of the Web server, as long as they can communicate with each other. Different services try their best to use independent users and user groups to run, so in case of any service problem, the other party can only get the rights of the users used by that service and is unlikely to implicate other services.