We are developing a web site that, among other things, allows a user to select a script on a server to remotely execute (the apache web server and the scripts are on the same server). The page is served from a Python CGI script. We are currently executing the script by running 'su' to switch to the correct user on the server and then running the script. The password for the user is hardcoded in the CGI script. How can this be done in a more secure manner?