Thread:Project:Support desk/Trouble uploading after installation/reply (7)

Making things 777 means any user can write to the directory, which means if anyone somehow gets access to your server (aka security vulnrability in something else), or if there are other users of your server, they can write stuff to the images directory. A better approach is to make the images folder either owned by the apache user, or in the apache's user's group, and only let the apache user have said permissions.