That very much depends on your server setup. See this FAQ about the issue How should file permissions be set?
The bottom line is that php has to have a permission to write/read to those folders and the files within. In our case I give the folder permissions recursively to a user and group named “apache”, in some cases it could “wwwdata”, but other setups do not require these kind of settings at all.