Securing a Ruby on Rails installation

http://serverfault.com – I successfully used this tutorial: http://techbot.me/2010/08/deployment-recipes-deploying-monitoring-and-se... for our Ruby on Rails server. But I wonder if this installation is safe. What troubles me is that the same user "deployer", who is a sudoer, is running the application. Doesn't this open the possibility that, by some form of code injection, an attacker gets full access to the system (as opposed to a common Apache installation, where the Apache process runs as, say, www-data)? (HowTos)