When a low-privilege non-administrator user logs into my web app successfully, I am storing the following data in the $_SESSION array:
Not unless you've left a security hole somewhere (such as allowing users to add/change $_SESSION data somehow).
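
The kind of hole the answer refers to, shown beside a hardened version, as an added example that is not code from the original post. The session keys (`user_id`, `role`, `prefs`), the form fields and the function names are assumptions made for illustration.

```php
<?php
// Added example; all keys and function names here are hypothetical.

// Hole: every submitted field is copied into the session, so the client
// decides which keys get written, including privilege-bearing ones.
function save_prefs_unsafe(array &$session, array $post): void
{
    foreach ($post as $key => $value) {
        $session[$key] = $value;
    }
}

// Hardened: only allowlisted preference keys with expected values are
// accepted, and they are stored under their own sub-array, away from
// the authentication state set at login.
function save_prefs_safe(array &$session, array $post): void
{
    $allowed = [
        'theme'    => ['light', 'dark'],
        'language' => ['en', 'de', 'fr'],
    ];
    foreach ($allowed as $key => $values) {
        if (isset($post[$key]) && in_array($post[$key], $values, true)) {
            $session['prefs'][$key] = $post[$key];
        }
    }
}

// Constructed sample data: session state after a non-admin login, and a
// form submission carrying one field the preferences form never offered.
// Plain arrays stand in for $_SESSION and $_POST so this runs from the CLI.
$login = ['user_id' => 42, 'role' => 'user'];
$post  = ['theme' => 'dark', 'role' => 'admin'];

$unsafe = $login;
save_prefs_unsafe($unsafe, $post);

$safe = $login;
save_prefs_safe($safe, $post);

echo 'unsafe: role=', $unsafe['role'], PHP_EOL;
echo 'safe:   role=', $safe['role'], ' theme=', $safe['prefs']['theme'], PHP_EOL;
```

When reviewing an application for this, search for every write to `$_SESSION` and confirm that neither the key nor a privilege-bearing value is taken from request input.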