Greetings:

See http://www.acm.uiuc.edu/webmonkeys/html_workshop/unix.html as well as other links related to Unix permissions, using something like http://www.google.com/search?source=ig&hl=en&q=Unix+permissions&btnG=Google+Search

For security purposes, it is best if each directory and file has the least permissions necessary for the application / system to work reliably. In the past several years, hackers have been using what are often referred to as blended attacks, where various layers of security are tested and any penetration is taken advantage of. One of the most common methods that works is web-based injection, whereby hackers target vulnerable PHP, Perl/CGI, ASP.Net, etc. applications with the intent to pass commands through to the operating system components of the server to load rootkits and other forms of malware onto the server. If these attacks can read files that should not be read, or execute applications which should not be executable, then there is a high probability of success of the attack unless there are other layers of protection (for which, by the way, firewalls are useless).

http://dynamicnet.net/customer/h-sphere/security/harden_compiler_permissions.htm and http://dynamicnet.net/customer/h-sphere/security/harden_operating_system_initial.htm are examples of hardening a RedHat, CentOS, or Trustix operating system with H-Sphere from http://www.psoft.net/ in mind (do not just copy and paste these commands without understanding the needs of your applications and environment).

Thus stated, there are times when files do need to be rwxrwxrwx across the board, or rw-rw-rw- or SUID.

Thank you.
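An added example, not part of the original post: a small audit script that walks a directory tree and reports the permission patterns mentioned above (world-writable files and directories, SUID, SGID) so each one can be reviewed against what the application actually needs. The function names `classify` and `audit_tree` are hypothetical, chosen for this illustration.

```python
import os
import stat
import sys


def classify(mode):
    """Return the list of findings for one st_mode value (as from os.lstat)."""
    findings = []
    if stat.S_ISLNK(mode):
        return findings  # a symlink's own mode bits are not meaningful
    if mode & stat.S_IWOTH:
        if stat.S_ISDIR(mode):
            # A /tmp-style directory is tolerable only with the sticky bit set
            if not mode & stat.S_ISVTX:
                findings.append("world-writable dir without sticky bit")
        else:
            findings.append("world-writable")
    if stat.S_ISREG(mode):
        if mode & stat.S_ISUID:
            findings.append("SUID")
        if mode & stat.S_ISGID:
            findings.append("SGID")
    return findings


def audit_tree(root):
    """Walk root without following symlinks; return (path, perms, findings)."""
    results = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode
            except OSError:
                continue  # removed or unreadable while walking
            findings = classify(mode)
            if findings:
                results.append((path, stat.filemode(mode), findings))
    return sorted(results)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, perms, findings in audit_tree(target):
        print(f"{perms}  {path}  [{', '.join(findings)}]")
```

Run it against a web root or application directory and treat each line as a question to answer, not an automatic fix, since some entries may be legitimately required.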
