The device is a driver that I have written to allow some of the OpenSSL PK operations to be accelerated. The driver is started as /dev/ce0.
I have now figured out why the open() on /dev/ce0 and /dev/mem fails. Both these have uid=root, whereas the httpd has uid=nobody. The only way that I got this to work is to recompile the http daemon with -DBIG_SECURITY_HOLE. Then run the httpd with a uid=root.
If anyone knows the correct way to achive this without leaving a big security hole please let me know.