When you chmod your config file to 700, you need to make sure that the file is owned by the user that php is running as. Under a well configured system, that user is not root. So, if the config file is owned by root, and 700, and php is not running as root, it will be unable to read that configuration file (as is the point of file security).
In almost all cases, the user running PHP is the same as the user that the web server is running as (apache is a common choice for many configurations).
On the systems I run, I have not had a problem with the users reading most files, I just protect the files that have passwords in them (very few), and then the directories that I have mysql dump it's backups to, etc. In most cases a user knowing the configuration of the server is of little harm; and it is very hard to keep an expert from finding them anyway.
If you do not want users to know your php configuration, then you will also need to lock-down php. As a simple page with phpinfo(); in it will make a web-page that lists all of PHP's settings.
Last edited by chadl; 09-10-2006 at 05:46 PM.