Symfony version(s) affected: 4.2.8

Description
We have a brand new project, developing locally on a VM worked great. Our first deploy to a production machine for client validation wouldn't allow login. save_path was set to : /tmp/projectname. However in debugging we turned the env to dev and saw permission denied errors as it tried to write to the default save_path set in php.ini. We changed handler_id to session.handler.native_file (which is the default) and then it picked up save_path and used it and we were able to login. Changing handler_id back to ~ stopped us from logging in, removing handler_id also allowed us to login.

How to reproduce
Create new sf4.2 project, change the save_path to some directory, setup php-fpm as a non-default user. Alternatively you can checkout the project https://github.com/IBVPD/aggregate and set it up using php73 running as a some regular system user instead of apache/nginx etc.

Possible Solution
I haven't dug more deeply into why it is this way.

Additional context
The php-fpm (7.3) process runs as a non-system low privilege user.