But how I do that?

And why are the flag called DBIG_SECURITY_HOLE? Whats security hole
with allowing a apache server run as root?
The error message says that any local user can get read access to any
file on system, but I dont see the security hole in that?
To gain access locally, or by SSH, they need to be behind my
firewall,
which means they need to be at a machine at my network, and all my
machines are in same room = they need physical access to machine.

I only see a security risk with running as root, IF the server is
placed in
a web hotel solution.
Then people on same server can access each other's files.

But there is more servers alone, than on web hotel solution.