@@ -467,7 +467,7 @@ Custom VPN clients shall not require permissions that they do not need.
* For each permission, lookup the state after the product installation.
* Start the VPN connection.
* Collect the permission states again and compare with previous version.
* Verdict: The VPN client did not request any permissions => PASS, otherwise FAIL
* Verdict: The VPN client did not request permissions beyond those necessary for its documented functionality => PASS, otherwise FAIL.
* Evidence: Collected permission states, annotations of any permission requests explaining why they are more restricted/secure, log messages from tests
#### 5.2.6.6 MI-CONF-5: User interfaces shall prevent unintentional disabling of cybersecurity features
