I want users to upload photos to these folders (with a PHP script)
upload/big
upload/thumb
I guess putting '777' is risky (they could upload some PHP files etc..)
What is the rights I should put on the upload folder ?
The folders should just have their default chmod of 755. The "trick" is to set the ownership of the folders to the user that your PHP script is running under (usually www-data or apache). If you're unsure, run this simple script:
<?php
echo `whoami`;
Then, chown the folders to this user/group, for example:
chown -R www-data upload/
That will make sure that www-data will be the owner of the upload folder and it can do as it pleases inside that folder (because the owner has full permissions).