mod_auth_shadow is an Apache module which authenticates against the /etc/shadow file. You may use this module with a mode 400 root:root /etc/shadow file, while your web daemons are running under a non-privileged user.
A package for Debian linux is available here.
On Fedora Core 5 and up, just "yum install mod_auth_shadow" will install it.
Another implementation of this idea can be found within mod_auth_external.