> Is it hazardous to chmod 777 apache's working dir? Let's assume noone
> but me has access to the machine both physically and over the LAN. The
> machine is just runnig http and ssh services.

Yes, of course it's hazardous!

Imagine a CGI script runs (as nobody) but some simple bug in it allows an
anonymous person over HTTP to reference a file anywhere in the filesystem.

That's just one example. Lots of other possibilities, let's say some kind
of script goes awry and tries to delete files from the wrong tree
hierarchy. This would normally fail but in the mode 777 case can wreak
total havoc.