NIAP: View Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0238:  User-modifiable files FPT_AEX_EXT.1.4
Publication Date
  09/21/2017
References
PP_APP_v1.2, FPT_AEX_EXT.1.4
Issue Description

For FPT_AEX_EXT.1.4 the states "The application shall not write user-modifiable files to directories that contain executable files unless explicitly directed by the user to do so." However, the Assurance Activities for Android, Windows, Linux, Solaris, and Mac OS X currently addresses all files, not just user-modifiable files.

Resolution

The Assurance Activities for FPT_AEX_EXT.1.4 are replaced as follows:

The evaluator shall run the application and determine where it writes its files. For files where the user does not choose the destination, the evaluator shall check whether the destination directory contains executable files. This varies per platform:

For BlackBerry: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For Android: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored under /data/data/package/ where package is the Java package of the application.

For Windows: For Windows Universal Applications the evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox). For Windows Desktop Applications the evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files and no data files in the application’s install directory.

For iOS: The evaluator shall consider the requirement met because the platform forces applications to write all data within the application working directory (sandbox).

For Linux: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files.

For Solaris: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files.

For Mac OS X: The evaluator shall run the program, mimicking normal usage, and note where all user-modifiable files are written. The evaluator shall ensure that there are no executable files stored in the same directories to which the application wrote user-modifiable files.

Justification

Per the SFR element and its Application Note, only user-modifiable files should be addressed by the Assurance Activities.



 
Site Map              Contact Us              Home