Cache Files: How do you protect them, if they must have write permissions?

I use a simple Cache library I wrote, which saves the data I want to have cached, into files under /var/www/my_site/cache/

This directory has read/write permission for everyone, so the apache process, executed by the user apache, can CRUD cache files.

But then I thought that caching sensitive data this way wasn't secure, due to the read/write permissions. Suppose I have a complicated ACL system, and I cache the permissions for each user, to have them calculated only once. An attacker could edit the corresponding cache file to grant himself full access to the website.

The only solution I can think of is to encrypt the cache files, but this will slow things down (using cache would still be faster than not using it, but still..)

Any ideas?


You have to give read/write permissions only to Apache, not everyone.
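
The advice in the answer above, as an added example that is not part of the original answer: a check that lists cache entries anyone other than the owning user can touch, and a lock-down that leaves only the owner with access. The function names `audit_cache` and `harden_cache` are hypothetical; the path and the `apache` user come from the question, and the `chown` step assumes root.

```shell
#!/bin/sh
# Added example. audit_cache and harden_cache are hypothetical helper names.

# Print every entry under directory $1 that is not owned by user $2
# or that grants any read/write/execute bit to group or other.
audit_cache() {
    find "$1" \( ! -user "$2" \
        -o -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Restrict directory $1 to its owner: 700 on directories, 600 on files.
# Ownership is changed separately, as root:
#   chown -R apache /var/www/my_site/cache
harden_cache() {
    find "$1" -type d -exec chmod 700 {} +
    find "$1" -type f -exec chmod 600 {} +
}

# Typical use, as root, with the path and user from the question:
#   audit_cache  /var/www/my_site/cache apache
#   harden_cache /var/www/my_site/cache
#   audit_cache  /var/www/my_site/cache apache   # prints nothing when clean
```

New cache files inherit the creating process's umask, so the process that writes them should run with a umask of 077 to keep later files at the same permissions.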
