I would be asking myself a few things.. For example; is there any chance that someone will run your bash/whatever script from the command line? What if you fed your executable script some bogus info, will it blow up, ruin something? I don't know that you have to make an executable any less secure then a regular cgi script. It *is* easier to debug though then stinkin' cgi.. ack.. ugh. *cough*.. excuse me.

I'm not sure how far along you are in this venture- but i'll risk sounding obvious just in case and mention that: you have to remember that the script will not be run by *you*- it will be run by apache, or whatever user the web server is running as. Unless of course, you are running su exec- it lets scripts run with *your* permissions- super useful- but.. it means your scripts have the power to destroy any data that *you* can.

Also, if you need your script to do some freaky business like add or take out real users fromthe machine, i would look into sudo, which let's regular users (maybe a safer *you* or apache) do things to the machine that only root regularly can.

Personally, I have faced this kind of thing with making modules that have interface independent code/methods/subs- so.. it's really convenient for testing. And then your interface - be it cgi or cli- is almost (almost!) an afterthought.

Your module code would check all the parameters to make sure they are not crud- and then after something happens, it can check that it really did happen- etc. If your cli or your cgi calls the stuff- the meat is the same.

It's amazing how much the web can complicate a trivial task. sigh. Hope any of that helps.