diff --git a/lib/ansible/config/base.yml b/lib/ansible/config/base.yml
index 5d25cc9e716..8ce62536ee6 100644
--- a/lib/ansible/config/base.yml
+++ b/lib/ansible/config/base.yml
@@ -1,6 +1,18 @@
 # Copyright (c) 2017 Ansible Project
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 ---
+ALLOW_WORLD_READABLE_TMPFILES:
+ name: Allow world readable temporary files
+ default: False
+ description:
+ - This makes the temporary files created on the machine to be world readable and will issue a warning instead of failing the task.
+ - It is useful when becoming an unprivileged user.
+ env: []
+ ini:
+ - {key: allow_world_readable_tmpfiles, section: defaults}
+ type: boolean
+ yaml: {key: defaults.allow_world_readable_tmpfiles}
+ version_added: "2.1"
 ANSIBLE_COW_SELECTION:
 name: Cowsay filter selection
 default: default
diff --git a/lib/ansible/plugins/action/__init__.py b/lib/ansible/plugins/action/__init__.py
index 0b84550421f..27f858d024f 100644
--- a/lib/ansible/plugins/action/__init__.py
+++ b/lib/ansible/plugins/action/__init__.py
@@ -383,7 +383,7 @@ class ActionBase(with_metaclass(ABCMeta, object)): * If the chown fails we can set the file to be world readable so that the second unprivileged user can read the file. Since this could allow other users to get access to private - information we only do this ansible is configured with + information we only do this if ansible is configured with "allow_world_readable_tmpfiles" in the ansible.cfg """ if remote_user is None:
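Review bot: The description entries added for `ALLOW_WORLD_READABLE_TMPFILES` in base.yml explain what the option does but not what it exposes. The docstring touched in action/__init__.py in this same diff says world-readable files could let other users get access to private information, and the user-facing text should carry that too. I would add a third entry: `- Other users on the managed machine can read these files while they exist, so enable this only when ACLs and chown are not available.` The first entry also reads better as `This makes the temporary files created on the machine world readable and issues a warning instead of failing the task.`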
@@ -431,7 +431,7 @@ class ActionBase(with_metaclass(ABCMeta, object)):
 raise AnsibleError('Failed to change ownership of the temporary files Ansible needs to create despite connecting as a privileged user. '
 'Unprivileged become user would be unable to read the file.')
 elif res['rc'] != 0:
- if self._connection._shell('allow_world_readable_temp'):
+ if C.ALLOW_WORLD_READABLE_TMPFILES:
 # chown and fs acls failed -- do things this insecure
 # way only if the user opted in in the config file
 display.warning('Using world-readable permissions for temporary files Ansible needs to create when becoming an unprivileged user. '
diff --git a/lib/ansible/utils/module_docs_fragments/shell_common.py b/lib/ansible/utils/module_docs_fragments/shell_common.py
index d6482e0821a..a1d94dbf7d4 100644
--- a/lib/ansible/utils/module_docs_fragments/shell_common.py
+++ b/lib/ansible/utils/module_docs_fragments/shell_common.py
@@ -78,15 +78,4 @@ options:
 key: admin_users
 vars:
 - name: ansible_admin_users
- allow_world_readable_temp:
- type: boolean
- description:
- - This makes the temporary files created on the machine to be world readable and will issue a warning instead of failing the task.
- - It is useful when becoming an unprivileged user.
- ini:
- - section: defaults
- key: allow_world_readable_tmpfiles
- vars:
- - name: ansible_world_readable_tmpfiles
- version_added: "2.1"
 """
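Review bot: The new condition `if C.ALLOW_WORLD_READABLE_TMPFILES:` reads a process-wide setting, so the world-readable fallback can no longer be scoped to one host. The `ansible_world_readable_tmpfiles` variable is deleted from shell_common.py later in this diff and base.yml defines only an ini key, so setting that key opts in every host where chown and ACLs fail. I would extend the comment under the condition with `# NOTE: global opt-in (defaults.allow_world_readable_tmpfiles); no per-host override exists`. Inventories that still set the removed variable will presumably take the other branch, which is outside this hunk, so a changelog entry would help. The import of `C` and the rest of the method are also not visible here and should be confirmed in the full file.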