When using joomla the only way it will allow file uploads is if the folder has '777' permissions. My ISP keeps complaining this is a security risk because it is 'wide open', but they don't offer an alternate option.

Can someone explain what 'wide open' means?

Does this mean people can post files to these folders if they do not have ftp access and/or are not logged into Joomla?

If so, what is the correct permission setting that will only allow logged in Joomla users to post to these folders?

do you have ftp access?

I dont thing there is any setting like to allow some jumla users..almost host giving permission for one folders especially db folder. so try to play with it

Can someone explain what 'wide open' means?

They're saying the anyone or anything on the server has write access to that directory. That's not a good thing.

Depending upon how the Apache user and permissions are set up, it's conceivable that you could get by with 775. I have some Drupal sites on Dreamhost with files/uploads directories that work at 755.