107 lines
6.4 KiB
HTML
107 lines
6.4 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Signature change" />
|
||
|
<meta name="abstract" content="A scan would occur when the object is accessed if the global signature is different from the object's signature." />
|
||
|
<meta name="description" content="A scan would occur when the object is accessed if the global signature is different from the object's signature." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzaaxscanoption.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../apis/ifsopenexit.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../apis/ifscloseexit.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="../apis/chgscansgn.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rzaaxssigchg" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Signature change</title>
|
||
|
</head>
|
||
|
<body id="rzaaxssigchg"><a name="rzaaxssigchg"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Signature change</h1>
|
||
|
<div><p>A scan would occur when the object is accessed if the global signature
|
||
|
is different from the object's signature.</p>
|
||
|
<p>The global or independent ASP group signatures represent the level of software
|
||
|
associated with the scan-related exit programs.
|
||
|
The object signature reflects the global or independent ASP signature when
|
||
|
the object was last scanned. When an object is not in an independent ASP group,
|
||
|
the object signature is compared to the global scan signature. If the object
|
||
|
is in an independent ASP, the object signature is compared to the associated
|
||
|
independent ASP group scan signature.</p>
|
||
|
<div class="note"><span class="notetitle">Note:</span> In the following example, the phrases scan key and scan key signature
|
||
|
are used. The scan key is a method to identify one set of scanning software.
|
||
|
An example of this is for a specific company. The scan key signature allows
|
||
|
the set of scanning software to indicate the level of support it provides.
|
||
|
One example of this is a set of virus definitions.</div>
|
||
|
<p>Here is an example of when an object is not in an independent ASP group
|
||
|
and a scan occurs:</p>
|
||
|
<ol><li>An exit program is registered to the QIBM_QP0L_SCAN_OPEN exit point. A
|
||
|
scan key and a scan key signature were specified as follows: <p>Scan key: XXXXXX<br />
|
||
|
Scan key signature: 0000000000</p>
|
||
|
The global scan signature is 0000 and
|
||
|
is not updated.</li>
|
||
|
<li>An exit program is then registered to the QIBM_QP0L_SCAN_CLOSE exit point.
|
||
|
A scan key and a scan key signature were specified as follows: <p>Scan key: XXXXXX<br />
|
||
|
Scan key signature: 1111111111</p>
|
||
|
The global scan signature is then updated
|
||
|
to 0001.</li>
|
||
|
<li>Next, a file is opened that currently has an object signature of 0000.
|
||
|
The existence of the exit programs, coupled with the difference in global
|
||
|
scan signatures (0000 to 0001), initiates a scan. When the scan
|
||
|
completes successfully, the file signature is updated to 0001.</li>
|
||
|
<li>If the file is opened by another user, it will not be re-scanned since
|
||
|
the object and global signatures match.</li>
|
||
|
</ol>
|
||
|
<p>The example below displays that the exit program wants to cause a re-scan
|
||
|
to occur:</p>
|
||
|
<ol><li>Support has been added to the system to scan for new types of viruses.
|
||
|
The <span class="apiname">Change Scan Signature (QP0LCHSG)</span> API is called to update
|
||
|
the scan keys' scan key signature. A scan key and a scan key signature are
|
||
|
specified as follows: <p>Scan key: XXXXXX<br />
|
||
|
Scan key signature: 2222222222</p>
|
||
|
The global scan key signature is then
|
||
|
updated to 0002.</li>
|
||
|
<li>If the previously scanned file is now opened, the difference in signatures
|
||
|
will cause a re-scan.</li>
|
||
|
</ol>
|
||
|
<p>The example continues on to show when an object is in an independent ASP
|
||
|
group:</p>
|
||
|
<ol><li>An independent ASP is varied on for the first time and a file in the independent
|
||
|
ASP is opened. When the first file is opened, the independent ASP scan key
|
||
|
list is compared to the system scan key list. The two are different because
|
||
|
of the fact that there is no independent ASP scan key list. In this case,
|
||
|
the independent ASP scan key list obtains the global scan key list. The independent
|
||
|
ASP scan key list would then have a scan key of XXXXXX and a scan key signature
|
||
|
of 2222222222. As a result, the independent ASP scan signature is changed
|
||
|
to 0001. When the file in the independent ASP is opened that currently has
|
||
|
an object signature of 0000, it is then compared to the independent ASP scan
|
||
|
signature of 0001, and because of the difference the file is scanned. When
|
||
|
scanned successfully, the file signature is updated to 0001.</li>
|
||
|
</ol>
|
||
|
<div class="note"><span class="notetitle">Note:</span> A signature change will trigger a scan unless the object has the 'object
|
||
|
change only' attribute and the *USEOCOATR system value specified.</div>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaaxscanoption.htm" title="Scanning can occur for a variety of reasons. Here is some information about when and why a scan might occur.">Scanning occurrences</a></div>
|
||
|
</div>
|
||
|
<div class="relinfo"><strong>Related information</strong><br />
|
||
|
<div><a href="../apis/ifsopenexit.htm">QIBM_QP0L_SCAN_OPEN</a></div>
|
||
|
<div><a href="../apis/ifscloseexit.htm">QIBM_QP0L_SCAN_CLOSE</a></div>
|
||
|
<div><a href="../apis/chgscansgn.htm">Change Scan Signature (QP0LCHSG) API</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|