A WP user asked about the best way to restrict access to the WP directory (on the WordPress forums) and I posted an answer without realizing that I should have explained myself further. Dougal added his own post which, I thought, was really well put and deserved a mention. He explains the intricacies of securing WordPress and in the process, explains file/directory permissions for UN*X/Linux servers as well. Good, quick, relatively complete explanation.
Here is the link to the discussion.