Aside from the CGI being more vulnerable from a security standpoint, which I don't fully understand myself but have heard to be true. Installing PHP as an Apache module is also more efficient. For instance, as a CGI the php.ini configuration file has to be opened, parsed and whatnot every time a script is executed. That means that any extra extensions also have to be loaded every time a script executes. Whereas as an Apache module all of that is loaded when Apache starts, eliminating the extra overhead.
http://www.php.net/install
Have you some across this manual entry yet? It describes the CGI security vulnerabilities in detail and how to prevent exploits.
http://www.php.net/manual/en/security.cgi-bin.php
Regards,
Rich
--
[
http://www.smilingsouls.net]
[
http://pear.php.net/Mail_IMAP] A PHP/C-Client/PEAR solution for webmail