Protect the Temporary Directory

HTML Export writes temporary files to the temporary directory. These temporary files frequently include the contents of files that HTML Export is processing, including decrypted parts of encrypted files. Sensitive information is therefore exposed in the temporary directory, so it is important that only users who are permitted to access this information can access the temporary directory.

By default, HTML Export uses the system temporary directory. Many other programs might use this directory, so OpenText recommends that you configure HTML Export to use another location, by using the KVHTMLConfig() function with the KVCFG_SETTEMPDIRECTORY flag. When you run HTML Export out-of-process, you must make this call to KVHTMLConfig() before you call KVHTMLStartOOPSession().

You can then protect the configured temporary directory by setting directory permissions to allow access only to sufficiently privileged users.

NOTE: In the rare instances where the out-of-process process exits unexpectedly, KeyView cleans up any temporary files created by the child process. However, if the parent process exits unexpectedly (such as a manual interrupt, or a power failure), it cannot clean up the temporary files.

KeyView does not need temporary files to persist across different sessions, so it is safe to manually delete any files associated with a previous session.