If it is umask, then that would be umask for the Apache process, not the second script (which I presume doesn't run as Apache).
The CGI script can explicitly set the permissions when creating the folder using mkdir() or makedirs() so that others can write into it. (Depending on how public or private the machine is, this may or may not be a security issue.) -- http://mail.python.org/mailman/listinfo/python-list
