In "What are the scripts permissions?", I might add that sometimes you need to worry about the permissions of all directories up to the one that contains the script. This will be system-dependent, but I've had the following problem when using Apache with suexec on RedHat Linux: the way users and bashrc are setup by default, users have their own group and a umask of 002. That is, when I create a directory, it looks like this:

drwxrwxr-x   42 itub     itub         4096 Jul 30 15:59 test

Even if it has mode 0775, only I can read it because only I belong to my group. However, Apache's suexec doesn't know that and thinks that this is a security risk because others might be able to modify the script. I have to make all directories (e.g., /home, /home/itub, /home/itub/public_html, ...) have permissions 0755 or 0711 or similar.