That might be the problem. Its insecure to use 777 or 666 for permissions on a shared hosting server. You shouldn't need to use 777 if your Gallery script is running PHP as CGI instead of a mod_php anyways. Try setting the directories to 755 and files to 644.
Though I haven't been able to duplicate your problem myself. Uh, if you don't want people downloading files from the directory at all, try using this instead:
# Deny connections from anyone
deny from all
That way you'd have to use FTP/SFTP/shell to get at the files.
However I suggest backing up the password file, and fixing the permissions (again 775 for directories and 644 for files) and then go to the DreamHost Web Panel. Once there, choose Goodies -> Htaccess/WebDAV and select the domain. Type in the directory path, check off "Password-protect this dir?", and specify usernames and passwords. Ignore the other options. Then submit the form.