I'm on Mac OS X. At the end of httpd.conf I've got these two lines:
# Include /private/etc/httpd/users
The first is a standard one the comes with the Apple httpd.conf and the second one is one I doctored myself.
The upshot of these is that the files in the directories mentioned is read as extensions to httpd.conf. This makes it possible to create a special file for each virtual host, so you only just need to edit single files in this directory instead of having the whole httpd.conf loaded. Additionally, by using virtual links you can give your clients read-only access or possibly even modification rights on their own httpd.conf settings. This isn't much of a security problem as Apache has to be restarted in order for any client modification to be activated.