> The reason we can now read out any files and traverse directories owned by the > apache user is because apache httpd displays symlinks and directory listings > without querying suEXEC.
Displaying symlinks and directory listings is not a "reason". suEXEC changes the ID for executable content only. This is not executable content, it's content owned and readable by www-data that is symlinked into a web-accessible directory.
