Here is what my host wrote (I have a dedicated server):
That really depends. Here are some scenarios where it [automatic upgrade] would work without error:
A webserver where everything is persistently kept to having 777 permission - VERY INSECURE.
A webserver running php as suPHP, which reowns all processes to the UID of the user rather than the apache user (nobody).
A blog where there are not modules that have created content on their own, which end up owned as nobody.
Now for the solution. For the most part, upgrading can be handled through Fantastico (assuming wordpress was installed through it). This is slightly behind the lastest version as they iron out all the kinks to make sure it is compatible with their software.
Alternately, you could convert your server to suPHP which requires all items to be owned by the individual users and have secure permissions.
Or you could simply upgrade manually, correcting permissions as you went.