I'm not sure there is an official best practice anymore. As with most permissions/security based questions it depends.
Least privileges on the share, works if you only have a few permissions assign to the share and directories. However, if you have complex permissions structure on a large folder structure, then the management of the share permissions can become a significant overhead. So using everyone on share permissions simplifies the management, requiring changes to only to be made in one place.
The other advantage of using the everyone permission on the share, is that directory traversal is easier to implement.
The option to set the permissions on either the share or the files, or both, provides flexibility to deliver your use cases, based on your security, risk, trust, and management requirements.
Gary.