NIAP: View Technical Decision Details
NIAP/CCEVS
Archived TD0238:  User-modifiable files FPT_AEX_EXT.1.4

Publication Date
2017.09.21

Protection Profiles
PP_APP_v1.2

Other References
FPT_AEX_EXT.1.4

Issue Description

FPT_AEX_EXT.1.4 states "The application shall not write user-modifiable files to directories that contain executable files unless explicitly directed by the user to do so." However, the Assurance Activities for Android, Windows, Linux, Solaris, and Mac OS X currently address all files, not just user-modifiable files.

Resolution

The Assurance Activities for FPT_AEX_EXT.1.4 are replaced as follows:

The evaluator shall run the application and determine where it writes its files. For files where the user does not choose the destination, the evaluator shall check whether the destination directory contains executable files. This varies per platform:

For BlackBerry: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For Android: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored under /data/data/package/ where package is the Java package of the application.

For Windows: For Windows Universal Applications the evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox). For Windows Desktop Applications the evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files and no data files in the application’s install directory.

For iOS: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For Linux: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files.

For Solaris: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files.

For Mac OS X: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files.
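The Linux, Solaris and Mac OS X check above can be scripted as follows. This is an added example, not NIAP's or the Protection Profile's own tooling. Assumptions: the list of user-modifiable files the application wrote has already been collected during the test run, "executable" is approximated by an execute permission bit, an ELF magic number or a shebang, and all function names are hypothetical.

```python
import stat
import tempfile
from pathlib import Path

# Heuristic (assumption): a file counts as executable if it is a regular file
# with any execute bit set, or starts with an ELF magic number or a shebang.
MAGICS = (b"\x7fELF", b"#!")

def is_executable(path: Path) -> bool:
    try:
        st = path.lstat()
        if not stat.S_ISREG(st.st_mode):
            return False
        if st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
            return True
        with path.open("rb") as fh:
            head = fh.read(4)
    except OSError:
        return False  # unreadable entries are skipped, not treated as findings
    return head.startswith(MAGICS)

def find_violations(written_files):
    """Map each directory the application wrote to -> executables found there."""
    findings = {}
    for directory in sorted({Path(f).resolve().parent for f in written_files}):
        execs = sorted(p.name for p in directory.iterdir() if is_executable(p))
        if execs:
            findings[str(directory)] = execs
    return findings

def build_sample_tree(root: Path):
    """Constructed sample: one clean data directory, one mixed with a binary."""
    (root / "conf").mkdir()
    (root / "bin").mkdir()
    (root / "conf" / "settings.ini").write_text("theme=dark\n")
    (root / "bin" / "prefs.json").write_text("{}\n")
    tool = root / "bin" / "helper"
    tool.write_bytes(b"\x7fELF" + b"\0" * 12)
    tool.chmod(0o755)
    return [root / "conf" / "settings.ini", root / "bin" / "prefs.json"]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for d, names in find_violations(build_sample_tree(Path(tmp))).items():
            print(f"FAIL {d}: {', '.join(names)}")
```

An empty result means no directory that received a user-modifiable file also holds an executable; each reported directory needs review against whether the user explicitly chose that destination.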

Justification

Per the SFR element and its Application Note, only user-modifiable files should be addressed by the Assurance Activities.
