diff --git a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/jboss_remoting_unified_invoker_rce.pp b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/jboss_remoting_unified_invoker_rce.pp
index 4193b01ab..7b636b0f0 100644
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/jboss_remoting_unified_invoker_rce.pp
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/jboss_remoting_unified_invoker_rce.pp
@@ -1,2 +1 @@
 include jboss_remoting_unified_invoker_rce::install
-include jboss_remoting_unified_invoker_rce::flags
diff --git a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp
deleted file mode 100644
index b2e9c2b87..000000000
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp
+++ /dev/null
@@ -1,12 +0,0 @@
-class jboss_remoting_unified_invoker_rce::flags {
-  $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
-  $leaked_filenames = $secgen_parameters['leaked_filenames']
-  $strings_to_leak = $secgen_parameters['strings_to_leak']
-
-  ::secgen_functions::leak_files { 'jboss-flag':
-    storage_directory => '/opt/jboss-6.1.0.Final',
-    leaked_filenames  => $leaked_filenames,
-    strings_to_leak   => $strings_to_leak,
-    leaked_from       => 'jboss',
-  }
-}
diff --git a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/install.pp b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/install.pp
index fef7af92f..fa5afaecf 100644
--- a/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/install.pp
+++ b/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/install.pp
@@ -5,6 +5,8 @@
   ensure_packages(['apt-transport-https', 'ca-certificates', 'wget', 'dirmngr', 'gnupg', 'software-properties-common'])
 
   $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
+  $leaked_filenames = $secgen_parameters['leaked_filenames']
+  $strings_to_leak = $secgen_parameters['strings_to_leak']
   $user = $secgen_parameters['unix_username'][0]
   $user_home = "/home/${user}"
 
@@ -75,4 +77,13 @@
     ensure => running,
     enable => true,
   }
+
+  ::secgen_functions::leak_files { 'jboss-flag':
+    storage_directory => $user_home,
+    leaked_filenames  => $leaked_filenames,
+    strings_to_leak   => $strings_to_leak,
+    owner             => $user,
+    mode              => '0600',
+    leaked_from       => 'jboss',
+  }
 }