As an aside, I'm running all of this under SELinux, but it's in permissive mode so I don't believe that it should make a difference.

SELinux has its own security deal ... then there is chroot ... then at the most basic there are simple file permissions

Pick a different file one you know the apache user can write to