diff --git a/lib/ansible/modules/extras/system/puppet.py b/lib/ansible/modules/extras/system/puppet.py
index d6bc434837..46a5ea58d4 100644
--- a/lib/ansible/modules/extras/system/puppet.py
+++ b/lib/ansible/modules/extras/system/puppet.py
@@ -18,6 +18,7 @@
 import json
 import os
 import pipes
+import stat
 
 DOCUMENTATION = '''
 ---
@@ -82,8 +83,13 @@ def _write_structured_data(basedir, basename, data):
     if not os.path.exists(basedir):
         os.makedirs(basedir)
     file_path = os.path.join(basedir, "{0}.json".format(basename))
+    # This is more complex than you might normally expect because we want to
+    # open the file with only u+rw set. Also, we use the stat constants
+    # because ansible still supports python 2.4 and the octal syntax changed
     out_file = os.fdopen(
-        os.open(file_path, os.O_CREAT | os.O_WRONLY, 0o600), 'w')
+        os.open(
+            file_path, os.O_CREAT | os.O_WRONLY,
+            stat.S_IRUSR | stat.S_IWUSR), 'w')
     out_file.write(json.dumps(data).encode('utf8'))
     out_file.close()