@Kapowee As i am the only one using my server, and i run my instance locally, security was not one of the main concerns when i wrote that readme.
However you are absolutely right. If security is a concern then you should absolutely not use 777 on these folders. And since the user you create at the beginning of the readme (provided you create a user and don’t want to use the apache www) is already invited to the apache group (www) then you don’t even have to use newgrp. The user already has permissions on these folders, so simply change the permissions to something like 775.
The permissions i used i simply copy/pasted from installation instructions i found online. (I believe at some point the update daemon itself made that suggestion in the logfile when it had no write permissions) I don’t know how the ttrss backend works, but i have a feeling that these permissions are suggested to be 777 not only for the update daemon. Nevertheless i changed them to 775 in my instance, and everything seems to be running fine, so i made that correction in the readme file.