Hi,
I have just run into this issue recently whereby I try to remove vulnerable apps that are not installed to /Applications folder but copied and being run from Desktop or Downloads folders.
Tried this easy command in terminal locally and worked like charm:
rm -R ~/Downloads/Visual_Studio_Code.pkg
So then I created a policy that would use a script with the same exact command to remove the file and ended up having this:
Script result: rm: /var/root/Downloads/Visual_Studio_Code.app: No such file or directory
Cannot I just use tilde for specifying the currently logged in user's Download folder? Why does it say /var/root?
I have 100+ users and not fancy writing a separate script for each of them where I just use the full path.
I'm sure I'm overlooking some obvious scripting rules here so all advice would be greatly appreciated!
