I've installed CentOS 5.5 with apache, php and mysql.
Right now the /var/www/html directory is owned by the root while apache is being run by apache user from apache group.
Is that recommended? Should I chown the html directory to another user such as wwwuser:wwwgroup?
Generally speaking, a web server's user should not have write access to anything, particularly not if it is running dynamic systems like PHP.
Apache achieves privilege separation by having the sensitive bits operate from a master process running as root, which the children can send log events to and get configuration from. The children run as unpriviliged users that should only read stuff.