Running cgi scripts with apache suexec, the suexec clean down variables , what not defined in apache's support/suexec.c file. This is according with apache docs: http://httpd.apache.org/docs/2.2/env.html , paragraph "Some Caveats".
But there is problem with non-ASCII file names upload with some python aplications (for example Django), running with suexec and mod_fcgid. There are required LANG and LC_ALL variables passed to CGI scripts, more infotions are there: http://stackoverflow.com/questions/6171278/unicode-in-django-admin , and https://code.djangoproject.com/wiki/django_apache_and_mod_wsgi#Additional%20Tweaking .
As it looks, then the only possible solution is add variable names to apache's support/suexec.c file. I propose add small patch with LANG and LC_ALL environments to gentoo apache patchset:
--- support/suexec.c.old 2011-11-19 19:48:45.994452000 +0200
+++ support/suexec.c 2011-11-19 19:49:39.351042000 +0200
@@ -98,6 +98,8 @@
/* variable name is */
I think they are safe and will not cause any harm to anyone, but the abandonment of the suexec in which case could lower the level of security.
Could you report your suggestion to upstream?
Is this still valid with apache-2.4?