Jboss vuln should put it's flag in /home/jboss

[cliffe]

https://github.com/cliffe/SecGen/blob/ee5c9c2a2c830ebd08e20e7ed202053d9c4e2382/modules/vulnerabilities/unix/misc/jboss_remoting_unified_invoker_rce/manifests/flags.pp#L7

We should follow SecGen convention and put the flag somewhere obvious (/home) -- successful exploitation doesn't always land the attacker in the directory we are using. Also check the filename passed in is used correctly (seems to be using defaults rather than what's passed in by the scenario).

[cliffe]

Ensure the flag is leaked by the jboss user permission