Solution:
What should I do to make them readable and writable by both kovshenin and apache?
- Create a new group, say “wordpress”.
- Add both koveshenin and www-data users to the wordpress group.
- Change the group owner of all the files to wordpress (using chgrp).
- Make sure all the files are group writeable.
- Set the g+s (setgid) permission bit on all the directories of interest.
- Make sure kovshenin and apache’s default umask includes group read & write permission.
The second last step is the trick. It means that whenever kovshenin or apache creates a file in those directories, the group owner will be set to wordpress (instead of kovshenin or apache).