First: if you can possibly avoid giving a CGI script root privileges, do. Maybe create a 'scratch' area where a user with more limited privileges can create directories, and move them over later.

If you can't avoid it (and even if you can), turn on taint checking (add -T to your #! line) and check to see that you haven't been passed anything that could cause nasty things to happen on your system.

Consider restricting, via the webserver, access to the directory where this script will live.

All that said, check out suidperl and, if you're using Apache, suEXEC

Philosophy can be made out of anything. Or less -- Jerry A. Fodor