If the parent's folder limit access to a certain user or group there aren't security problems and may be exactly what you need.
for example, if you work with other people and you have a command to generate thumbnails from the shell, you may have a layout like this one
chmod user group path
2770 www-data devs /srv/www
2777 foo devs /srv/www/site/thumbnails/
/srv/www/site/thumbnails may be accessed only by people in the 'devs' or 'www-data' group ('foo' can read it only if he's in the group 'devs'). The obvious alternative would be to set that directory as owned by 'www-data', but you need root access to do that (unless you put everybody in group 'www-data', but then everyone can access every site). This way every user in the group 'devs' can make directories usable by both his teammates and the webserver, without having root power or being in group www-data. Have more than one team? Use different groups for each team.
for example, if you work with other people and you have a command to generate thumbnails from the shell, you may have a layout like this one
/srv/www/site/thumbnails may be accessed only by people in the 'devs' or 'www-data' group ('foo' can read it only if he's in the group 'devs'). The obvious alternative would be to set that directory as owned by 'www-data', but you need root access to do that (unless you put everybody in group 'www-data', but then everyone can access every site). This way every user in the group 'devs' can make directories usable by both his teammates and the webserver, without having root power or being in group www-data. Have more than one team? Use different groups for each team.