This is some example code I wrote the for the MSDN forums to showcase how you can programmatically set permissions. This code will work for splists or spwebs (in the example it’s SPList permissions, but just changing those calls to go off of Web will switch it). In addition, this shows how to set permissions automatically at feature activation using a SPFeatureReceiver. Double bonus! 
#region feature event handler // actions to perform when feature is activated/removed class FeatureReceiver : SPFeatureReceiver { #region Activate and install feature public override void FeatureActivated (SPFeatureReceiverProperties properties ) { SPWeb web = (SPWeb )properties . Feature . Parent ; SPList list = web . Lists [ "ListName" ] ; 
rolesCol.Add(addUser);//and finally we update to apply our changeslist.Update();}}
//get users and groups so we can add them to the list
SPUserCollection users = web.Users;SPGroupCollection groups = web.Groups;//get current permissions and permission definitions so we can apply permissions
SPRoleAssignmentCollection rolesCol = list.RoleAssignments;SPRoleDefinitionCollection roleDefs = web.RoleDefinitions;//get a specific user or ad security group by username
SPUser myUser = web.EnsureUser(@”DOMAIN\MySecurityGroup”);SPRoleAssignment addUser = SPRoleAssignment(myUser);//create new roles binding for user or group
SPRoleDefinitionBindingCollection bindUser = addUser.RoleDefinitionBindings;//give contribute rights to user or group, this can be the friendly name of any role definitionbindUser.Add(roleDefs["Contribute"]);//add the user to the existing role assignment collection for the objectrolesCol.Add(addUser);//and finally we update to apply our changeslist.Update();}}