setuid scripts have a long history of security problems... see perlsec.

Since you are talking about CGI, you might want to look into suEXEC (browse your Apache docs). It allows you to execute your scripts as any user.

-- 
        dakkar - Mobilis in mobile