I have recently moved a wordpress site to a new host and am ironing out a few bugs.
I noticed some problems uploading images and after some tinkering around via ftp I noticed these problems went away when I set my uploads folder to 777.
I understand from reading on here and elsewhere that this is not adviseable so I contacted my host about my concerns, they replied with the following
It's only a security hole if someone could upload a script to the folder which has 777 permissions, but the same is true of any hosting if somebody got access.
If WordPress had a bug that allowed people to upload scripts to the folder, then this could be a security problem, but again, this is true of any hosting - most 777 directories are likely to be just image directories, and if your script is secure, so is the directory
I have no real reason to disbeleive my host but, like I say, I have read so many times that leaving directories as 777 is bad that I just wanted a second opinion before I went ahead, the site in question is an ecommerce site and as such I feel I should be extra vigilant when it comes to security.