[horde] protecting config dir passwords

[anthony]

Hello,
    I am looking for a solution in protecting the config dir from being read
by users on the same unix machine as the webserver.  I have attempted in
playing around with chmod's for the web directorys, however if not chmod'd
to allow apache to view the date, the code won't work.  Also, chmod'ing with
the user and group of apache, would allow any users who has apache setups to
simply create a script to see the file.

    Any ideas besides relocating the data?

thanks