Question about CVE-2022-31500 in security advisories

We are running KNIME 4.5.2. The security advisories for CVE-2022-31500 suggests installations at the 4.5 level manually change the permissions on the installation folder to only allow write update by admin levels. Only installation of extensions is discussed. If the installation directory permissions is changed won’t there be issues with changing preferences also? Things like recent workspaces, etc that are in the configuration\settings\org.eclipse.ui.ide.prefs ? Is there some way to set these up not in the installation folder?