From 618d1a3871ea1b50c60702e486ceae6537ad1d93 Mon Sep 17 00:00:00 2001
From: Toshio Kuratomi
Date: Mon, 19 Oct 2020 11:58:09 -0700
Subject: [PATCH] Document security concern for users setting the system_tmpdirs shell plugin config (#72213)
---
 lib/ansible/plugins/doc_fragments/shell_common.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/lib/ansible/plugins/doc_fragments/shell_common.py b/lib/ansible/plugins/doc_fragments/shell_common.py
index 5f43d5f8538..5b018000bfd 100644
--- a/lib/ansible/plugins/doc_fragments/shell_common.py
+++ b/lib/ansible/plugins/doc_fragments/shell_common.py
@@ -34,9 +34,11 @@ options:
 version_added: "2.10"
 system_tmpdirs:
 description:
- - "List of valid system temporary directories for Ansible to choose when it cannot use
- ``remote_tmp``, normally due to permission issues. These must be world readable, writable,
- and executable."
+ - "List of valid system temporary directories on the managed machine for Ansible to choose
+ when it cannot use ``remote_tmp``, normally due to permission issues. These must be world
+ readable, writable, and executable. This list should only contain directories which the
+ system administrator has pre-created with the proper ownership and permissions otherwise
+ security issues can arise."
 default: [ /var/tmp, /tmp ]
 type: list
 env: [{name: ANSIBLE_SYSTEM_TMPDIRS}]
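Review bot: The new sentence in the `system_tmpdirs` description asks for "the proper ownership and permissions" and warns that "security issues can arise", but defines neither, so an operator overriding the default has nothing concrete to verify. Consider spelling out the expectation, for example `Each directory should already exist, be owned by root and have the sticky bit set (as /tmp and /var/tmp normally do), so that another local user cannot pre-create or replace it.` This assumes that is the intended meaning, which the hunk does not confirm. The sentence also needs a comma before `otherwise`. The `options:` block starts and continues outside the hunk, so related options such as `remote_tmp` may deserve the same caveat.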