you should not have to use 777 for it to work. 666 should be a viable secure chmod. you can use any file extension you want for the tex/flat files. inc is common. I have used .fun for functions, .pwd for MySQL login info, etc etc etc
You have to modify your .htaccess file however to may these files treated as PHP files. Once you do that you should beable to store sensative data in them.
My New site OpenEyes