On my fresh install (never 2to3 migrated), the permissions look like this:
# ls -al /var/lib/pulp/media/artifact/00/
total 10372
drwxr-xr-x. 2 pulp pulp 4096 Mar 10 12:04 .
drwxr-xr-x. 257 pulp pulp 8192 Mar 10 12:04 ..
-rw-------. 1 pulp pulp 13040 Mar 10 12:03 655717ec2494a953b1c3f477bc86b080760402b72a926057076144aa8b9c41
-rw-------. 1 pulp pulp 1381996 Mar 10 11:53 9767e4fcb269500c8b2ebe0d2cf7f818b9774858019cbed6c325d7c3e73596
-rw-------. 1 pulp pulp 686508 Mar 10 11:54 b9e63e287f45300d4a4f59b6b88e25918443c932ae3e5845d5761ae193c530
-rw-------. 1 pulp pulp 8515480 Mar 10 12:04 d0de456134668f41bd9ea308a076bc0a6a805180445af8a37209d433f41efe
So yes, I would say you are right.