If your WordPress is running on a server that uses CPanel/WHM, WordPress is probably NOT the issue. It’s most likely your FTP server.
The default CPanel installation uses Pure-ftpd as its ftp server. I haven’t dug around enough to figure out why/where, but there appears to be some sort of bug with its handling of permissions.
If you are your own server administrator, you can change from Pure-FTP to ProFTP with a few simple clicks in your WHM (root) interface. From the main screen, under “Service Configuration”, click on “FTP Server Selection”, choose the first option (proftp), then click save. After it is installed, scroll down to the bottom and click on the configuration link to double-check the options (you may want to disable anonymous FTP).
If you are not your server’s administrator (if you do not have access to the superuser WHM account), you will want to to pass this info along to your admin so he/she could make the change for you. Once this is done, both WordPress updates and plugin updates should work without having to keep your permissions dangerously open.