Add a ‘chmod($pathtofile2, 0644);’ line before the first ‘@unlink($img1);’ line in wp-admin/upload.php and a ‘chmod($pathtofile, 0644);’ line before the second ‘@unlink($img1);’ line. That’s it!
Some background:
PHP uploads files to a temporary directory first and that file is copied to the final location (among other things, this allows size restrictions to be easily enforced). The chmod functions are run at the same time as this temporary file is removed.
You can read up on chmod here:
https://www.php.net/chmod
