Does anyone have a robust solution for the problem that on Plesk (and both the control panels I've used prior to Plesk), PHP runs as a user (generally apache) which is not part of a site's group. This generally leads to the requirement that any directory where the CMS needs to write files have permissions of 777 - not good for security.
So far I've found a $proprietary plesk add-on called run PHP as user. Seems like a good option but I only have a production server, so trying to install it would be high-risk.
Would making apache a member of the groups psacln or psaserv work? psaserv is the group for all sites above their httpdocs directory, psacln for all files and directories below httpdocs.
It's because your domain/site is set to run PHP as Apache module (using Apache user). Go to Web Hosting Settings or Settings (depending on the version of your Plesk) and use FastCGI. With that, PHP will be executed by your account. Similar to cPanel's way using suPHP.