suExec is carefully constructed to prevent exactly what you are trying to do. sudo would be a better option, have the cgi run as whatever user the webserver normally runs it as and configure (very carefully) sudo to allow that script to run only the commands it needs to in order to modify the files and restart networking. If I were planning to do something like this, I would probably modify the config files so the web server can write to them, configure sudo so it can run netstart, and not worry about trying to run the script itself as root (which is an overwhelmingly bad idea)