I was not aware of this particular issue. I knew that ACLs were turned on by default in Leopard, but I had no idea that the users and groups were rearranged.Leopard does permissions differently than its predecessors. For example, each account used to be in a group by the same name, but in Leopard, all user accounts are in the staff group. After a simple update, the files had a group ID that did not correspond to a name, and if you tried to correct it, Get Info crashed. There were also problems with extended attributes, so you could load a file into a word processor, edit it, and then not be able to save it. I figured out a series of about six UNIX commands that straightened it out. (I created a new account, examined how the permissions were set, then replicated that in the existing user account.) A correspondent of mine in another country ran into the same problem and fixed it using my technique.
There is a utility on the disk that is supposed to repair permissions in a user's home folder, but it doesn't appear to work right.
It would be very nice if 10.5.3 ran a UNIX script to check permissions and set them correctly.
Speaking of permissions issues, there is one issue I'd like to see fixed: In Leopard, it's not possible from the GUI to grant (or deny) permissions to one of the "hidden" users in Mac OS X (for example, www - the user the Mac OS X web server runs as). In order for web pages to be served right, the www user requires at least read access to certain folders (and, in some cases, write access as well). I can do all these permission manipulations from the command line, but I wish I didn't have to.