The request processor traps every http[s] request to your OpenACS 4 AOLserver instance, does permission checking and routes it to the right filesystem path. What Jon's implying is that the ACS 3.x classic versions that first implemented the request processor probably mapped requests to the cgi directory to /dev/null heaven (I'm guessing a bit here) while the current request processor correctly let's them get handled by AOLserver's CGI module.