Overview
You want to know if there is a way to delete the hidden folder .\gfi_temp created during RHEL scanning, as it is not deleted after the scanning or patching process is completed, and you are concerned with the security implications as the file is world-writable.
Solution
The issue has been escalated to engineering team to determine whether it is a bug or designed this way.
<supportagent> JIRA: GFIL-15043 </supportagent>
For now, you can use the Cron job feature of Linux systems which is used to automate repetitive tasks.
You can set up a Cron job which would check scanning user's home directory for the presence of .gfi_temp folder, and delete it if found. However, kindly make sure to set the Cron interval such that the folder is not deleted by Cron when LanGuard is performing an operation.
For example, a following Cron Job attempts to delete the folder /home/user123/.gfi_temp daily at 2:40 PM as follows:
- Open the Cron script with the command:
crontab -e
- To run the command every day at 2:40 PM, add the following at the end:
40 14 * * * rm -rf /home/user123/.gfi_temp
- Close the editor.
- Restart cron service at the end.
service crond restart