Protect the Temporary Directory
HTML Export writes temporary files to the temporary directory. These temporary files frequently include the contents of files that HTML Export is processing, including decrypted parts of encrypted files. Sensitive information is therefore exposed in the temporary directory, so it is important that only users who are permitted to access this information can access the temporary directory.
By default, HTML Export uses the system temporary directory. Many other programs might use this directory, so OpenText recommends that you configure HTML Export to use another location, KVCFG_SETTEMPDIRECTORY
flag. When you run HTML Export out-of-process, you must make this call to KVHTMLConfig() before you call KVHTMLStartOOPSession()
You can then protect the configured temporary directory by setting directory permissions to allow access only to sufficiently privileged users.