My favorite method is to run (on Apache) with the suEXEC option set. That has your cgi scripts run as you. There are dangers similar to running suid, but you have much better use of unix native filesystenm security.

After Compline,
Zaxo