How does one usually set up directory permissions for running CGI scripts? I have scripts that need to read and write files: html templates, pdf files etc. Is it Ok to make cgi-bin world read writable, or is that a horrible security mistake?