Obviously on a shared hosting platform this would be a security risk but does this matter on a private server?
Yes, it does matter.
Disclaimer: I never used IIS or Plesk.
But, I was in a situation where I had to do two following things to install plugins and update the WordPress core on a particular VPS server.
- chown -R user:group_of_webserver /path/to/public_html/
- chmod -R g+w /path/to/public_html
As you might guess, it is a tedious work to do the same after every update of each plugin used. If we add any caching plugin that needs writing permissions on a particular directory, then it becomes even more complex. After each update, the permissions need to be reversed too.
In this case, the best thing to do (disclaimer:I'm not doing it), is to switch the installation to SVN set up and make a script to run at the end of every day.
Again, if you are setting up SVN, there are two ways to do. One is using the trunk version (that might have bugs, even though they are bug fixes at times) and other is using the stable tag/version. In the case of using stable tags, I have not done any automation. There may be a way that someone else could help!
Anyway, it's best not to use 777 at any VPS even if it is the only site.