Apps on iOS are severely restricted and are completely passive during installation and uninstallation; therefore, developers have no design decisions with regards to installation/uninstallation of updates.

The Assurance Activity for FPT_TUD_EXT.1.3 is modified as follows:

For iOS: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For all other platforms: The evaluator shall record the path of every file on the entire filesystem prior to installation of the application, and then install and run the application. Afterwards, the evaluator shall then uninstall the application, and compare the resulting filesystem to the initial record to verify that no files, other than configuration, output, and audit/log files, have been added to the filesystem.

See issue description.

Apps on iOS are severely restricted and are completely passive during installation and uninstallation; therefore, developers have no design decisions with regards to installation/uninstallation of updates.