I do believe this to be mostly incorrect. The Twitterverse has already shown it possible on FreeBSD/Apache, for instance.
I’ve spent most of the last two or three days trying to get at private keys on a production-esque nginx / Ubuntu set up, and Rob’s article mirrors my own findings. I distinctly get the impression that it’s actually most correct, and that cases like FreeBSD/Apache are rare.
He’s updated his article to say he was completely wrong.
I’ve down-voted this as poorly titled as the blog post title now ends in “[Retracted]”.