You’re mistaken. The wiki is just saying that since suexec runs the CGI file as the user specified for the domain, it makes sure that nobody else but that user could change the CGI file contents or have created the CGI file.
But you’re talking about a CGI program writing to a directory. This only concerns suexec if it failed to do its job of switching users. Out of several years I’ve only had that happen once. The CGI program still ran but it ran under the user ‘dhapache’ and thus the CGI program itself encountered errors.
It is wise to store data files and library (source code) files outside the web directory, eg /home/username/data and /home/username/lib. The least you can do is disable the public read permission on these files - if ‘dhapache’ can’t read the file it can’t serve it.
You don’t know what the issue is yet. Internal Server Error messages are intentionally vague. The reason the error is occuring should be recorded in the error.log file for the domain.
As for the 404 error, thats because you don’t have an internal_error.html file in the your web directory. See Creating custom error pages
[color=#6600CC]Atropos[/color] | openvein.org