Even better than a reasonable explanation would be some source code. In general, running a perl script with setuid root is a serious security risk, especially if you allow a web user to pass any information to it. I wouldn't compound the risk by returning any output from that script, because they might be able to get sensitive information that way.