Hello Qlik Community,
Recently I was posed with a question around .DS_Store Vulnerabilities that came up during a vulnerability scan on a Qlik Sense Server that a customer of mine has. I reviewed the vulnerability, and it seems that if customers uses Apple Products and browse folder structures, they can leave junk files that can open vulnerabilities, like .DS_Store. I was wondering if there was a Qlik Sense Level way of preventing these vulnerabilities.
Outside of Qlik Security, in Windows GPO, you can block extension types. It would be required to remove any of the .DS_Store files to clear the vulnerability, but blocking the extensions at the user GPO level should prevent new .DS_Stores from being added. Regular File Scans for the extension type could also be a good practice.
I would like to be able to recommend a Qlik Level solution as I manage Qlik for the clients, not Windows. Any advice from the Qlik Community?
Thanks!