The cache folder is used to store PHP-based caches in a format that is publicly executable but will not do any harm or reveal any information if executed. Have a look at any cache file as an example, or look at the code in classes/cache/FileCache.inc.php for the code responsible for managing these files.
Files in the public file directory are uploaded by the Journal Manager via the import process, the Section Editor, Layout Editor, or Editor via the Layout section in a submission's Editing page, or the Section Editor or Editor via the expedited submission process. Generally these will be PDF or HTML files, but these user roles (Journal Manager, Section Editor, Editor, and Layout Editor) are trusted with the ability to upload any file type -- including, potentially, executable PHP files. However, nobody outside of these roles has this ability.
If you do not wish to make config.inc.php writable, you'll be presented with instructions for writing its contents manually; alternately, you can make config.inc.php writable, complete the installation process, and change it back to read-only.
Note that when the instructions say "writable" and "readable", this means by the web server user -- typically "www-data", "nobody", or "apache", depending on your server's configuration. These do not need to be world-writable -- in fact, this is generally a bad idea. I'd suggest creating a group including the www-data (or equivalent) user and making the files group-writable but not world-writable.
Open Journal Systems Team