The method described at the wiki page Janet cites can be used for any httpd.conf directives. I thought I'd made some edits to the page to make that clearer, but perhaps it isn't clear enough.
If the directory in question is only admin-writable, then I seriously question whether there's any security difference at all between using a .htaccess file and adding the directives to httpd.conf--I certainly haven't seen any evidence that there's a significant issue, despite a good bit of handwaving. The Apache docs (
http://httpd.apache.org/docs/current/howto/htaccess.html) do recommend avoiding .htaccess files if possible, though.
The wiki article has a lot of stuff about passwords which can obscure the issue, but it boils down to creating a custom httpd.conf template fragment that looks like this:
<Directory /home/e-smith/files/ibays/youribay/html>
RewriteEngine On
RewriteRule whatever
...
</Directory>
Then expand-template /etc/httpd/conf/httpd.conf; service httpd-e-smith restart.