We require indications on the operation of XCOM for Linux and Windows in 3 aspects:
- Validation of the content of sent files. Does XCOM have the capability to analyze the content of a file that is sent on the platform?
- Is there any validation in XCOM to ensure that the content of a file matches its extension?
- How does XCOM prevent Malware, malicious files or any type of Virus from being sent?
This information is to document a finding at the Security Audit level
Release : 11.6
Component : XCOM Data Transport for Linux PC
Q1. Validation of the content of sent files. Does XCOM have the capability to analyze the content of a file that is sent on the platform?
A1. Out of the box XCOM will not validate the content of files but it does have a "pre-allocation exit" XCOMPRE where a command file can be called before the transfer is executed for both locally and remotely initiated transfers.. So that would be the way for you to write custom code to automatically analyze the file content before the transfer and take any appropriate action.
xcompre Pre-allocation Exit
How to Use the Pre-allocation Script
NOTE: The XCOMPRE_LOCAL global parameter does not exist for Windows. There is a difference with the way XCOM calls xcompre on Linux compared to the way XCOM calls Xcompre.bat on Windows.
On Unix/Linux the global parameter XCOMPRE_LOCAL=YES needs to be set for xcompre to be called for both local as well as remotely initiated transfers and the value of LOCAL/REMOTE is passed to the script depending on the initiating transfer type.
On Windows XCOM will always call Xcompre.bat with the value of LOCAL/REMOTE again depending on the initiating transfer type.
Q2. Is there any validation in XCOM to ensure that the content of a file matches its extension?
A2. XCOM does not assume anything about file content from its extension e.g. .txt (ascii text), .exe (binary). It is up to the user to specify the appropriate XCOM transfer parameter according to the file type i.e. CODE_FLAG,.
Q3. How does XCOM prevent Malware, malicious files or any type of Virus from being sent?
A3. Like #1, XCOM will not perform any action out of the box and again XCOMPRE can also be used to perform any required malicious file, virus checks.