In order for a process to kill() (as in send a signal to) another, one of the two conditions must hold:

• The process issuing the kill() call must be running as root.

• The process issuing the kill() call is running under the same uid as the target of the call.

Normally, your web server will be running under a non-root uid for security reasons.

Insure that the server you're running is indeed using the same uid as your web server. Looking at the result code of the kill() call should help you pinpoint this particular condition.

You must be careful when dealing with this kind of scenario. You specifically want to avoid running the cgi script suid to root for similar security reasons. Perhaps running it suid to the uid of your server might be acceptable, but be sure to check with your local sysadmins first.

Good luck.