I faced this two times. I got warnings from paypal and a canadian bank as hackers used the 777 folder permission to upload files to my hosting. Due to the hacking idiots who are good for nothing, I had to answer to the foolish queries of ixwebsosting so called professional people. Who kept my site shut for almost 3 days. At other one that is jaguarpc.com ot was much better. They told me to just remove the files which hackers placed and they will put the website back on track. So be aware of these idiot childish hackers who use such baby exploits for just hacking bank accounts etc. Which these people even can't use.
having 777 ... well that's debatable if it's good or not... BUT having 777 and allowing script execution is a very bad thing, it allows people to do stuff, if done right, they could fully compimize your website users using xss and other varision attacks, if you have to have 777 i would suggestion you set the folder to throw out all files as text only (non parsed) or not allow public access to the folders.
There is no debate there, it should never be 777 unless it's a temporary thing for a install. At the very highest it should be 744 (Owner: Read,Write,Execute, Group/Other: Read).. or if possible 644.
In my opinion only files must have 777 permission that also if necessary. Folders must never be changed to the 777 permission unless it is a cache one.