You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
FPT_DNL_EXT.1.2 - Comment received – “The issue here is how executables are determined – malicious sites are crafty by disguising extensions or using things that people don’t realize are executables. Include an SFR indicating how the TOE should determine if a downloaded file is an executable – and it shouldn’t just be based on the MIME type or extension, but might involve testing for known magic codes at the front of the file.”
Perhaps consider asking for documentation in TSS. May be a function for OS, which has handlers for MIME types.
The text was updated successfully, but these errors were encountered:
FPT_DNL_EXT.1.2 - Comment received – “The issue here is how executables are determined – malicious sites are crafty by disguising extensions or using things that people don’t realize are executables. Include an SFR indicating how the TOE should determine if a downloaded file is an executable – and it shouldn’t just be based on the MIME type or extension, but might involve testing for known magic codes at the front of the file.”
Perhaps consider asking for documentation in TSS. May be a function for OS, which has handlers for MIME types.
The text was updated successfully, but these errors were encountered: