When Apache executes CGI-Perl scripts they are executed as the apache user. So if you want to have some system commands which can be only executed as root (e.g. iptables commands) in your CGI scripts they will not get executed.

One solution is to use setuid mode in Perl.

For this you will need the perl-suid package (in Debian) or the special Perl program called suidperl.

# aptitude install perl-suid

Then you need to tweak the Perl scripts a little to avaoid warnings. If you are using the suidperl program you should replace #!/usr/bin/perl with the suidperl program (i.e. #!/usr/bin/suidperl) and use -U tag to execute unsafe commands.

#!/usr/bin/perl -wU

system(“/sbin/iptables”, “-L”);

And finally, you need to set the suid bit and change permissions to allow the CGI script to be executed as root.

# chown root:root <script name>
# chmod ug+s <script name>
# chmod a+x <script name>

Reference: http://www.thewireframecommunity.com/node/23