In Linux, typically the Apache user has full privliledges in the Drupal directory, with the files being flagged as writable only by owner, and read-only for group and other.  (I am not sure why group and other need any access at all).