There's ways to make it more difficult for someone to write to your images directory, but...you have much more glaring issues on a shared server when php runs as the webserver user. For example, while you could store images in the db, but your db isn't really protected either. Anyone on the shared server can easily read your php files to get the db credentials, and then they can modify the db all they want.
Now, some automated virus type script that penetrated some other users website on your server, is not likely to try to go this far. So by adding this "hoop", you at least gain some protection against that, but don't give yourself some false sense of security.