Is anyone else doing this? (preventing users from reading other users' files)
We run apache as the user apache (as opposed to nobody). We then add the user apache to each domain's group. This means that our customers don't have to have their files world readable, only group readable, in order for them to be viewed via the web. This helps prevent other users from reading their files. Of course, files are still vulnerable if a user can get apache user privileges using mod_php (without phpsuexec), for example. Thankfully, mod_php can be secured somewhat from this by using safemode and openbasedir.

Is anyone else using this setup, and if so, have you found any loopholes, and has it ever caused you problems?
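
One way to check that a site tree really matches the layout described in the post above (group readable, nothing world accessible). This is an added example, not part of the original post; the function name `audit_site`, the finding codes and the one-directory-per-site, one-group-per-site layout are assumptions.

```shell
#!/bin/sh
# Added example: audit one site's tree against the permission model above.
# Assumption: the web server account is a member of the site's group.

# audit_site DIR GROUP
# Prints one finding per line as "<CODE> <path>"; returns 0 only when clean.
#   WORLD  - an "other" permission bit is set, so other local users can reach it
#   GROUP  - not owned by the site group (wrong group has access, or none)
#   NOREAD - site group lacks read (or search, for directories), so the
#            web server cannot serve it
# Symlinks are skipped because they always report mode 777.
# Paths containing newlines are not handled.
audit_site() {
    dir=$1
    grp=$2
    findings=$(
        find "$dir" ! -type l \
            \( -perm -004 -o -perm -002 -o -perm -001 \) -print |
            sed 's/^/WORLD /'
        find "$dir" ! -type l ! -group "$grp" -print |
            sed 's/^/GROUP /'
        find "$dir" ! -type l -group "$grp" \
            \( ! -perm -040 -o \( -type d ! -perm -010 \) \) -print |
            sed 's/^/NOREAD /'
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use: sh audit_site.sh /path/to/site sitegroup
if [ "$#" -eq 2 ]; then
    audit_site "$1" "$2"
fi
```

A clean result only covers file modes and group ownership; it says nothing about code that already runs with the web server account's privileges, which is the mod_php case the post mentions.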