Due to static pages being retrieved by apache user (or nobody, depending on your install) -- it was very hard to protect against.Some hosts used SymLinksIfOwnerMatch directive instead -- but that din't really work, as race condition (when symlink is made to point to hacker's file, and then to good user's file) makes it very simple to exploit.As par...