98 lines
6.7 KiB
HTML
98 lines
6.7 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="concept" />
|
||
|
<meta name="DC.Title" content="Monitor the use of trigger programs" />
|
||
|
<meta name="abstract" content="DB2 Universal Database for iSeries provides the capability to associate trigger programs with database files. Trigger-program capability is common across the industry for high-function database managers." />
|
||
|
<meta name="description" content="DB2 Universal Database for iSeries provides the capability to associate trigger programs with database files. Trigger-program capability is common across the industry for high-function database managers." />
|
||
|
<meta name="DC.subject" content="trigger program, monitoring use" />
|
||
|
<meta name="keywords" content="trigger program, monitoring use" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rbaforzahftrb2.htm" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="rbafotgrpgm" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Monitor the use of trigger programs</title>
|
||
|
</head>
|
||
|
<body id="rbafotgrpgm"><a name="rbafotgrpgm"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Monitor the use of trigger programs</h1>
|
||
|
<div><p>DB2
|
||
|
Universal Database™ for iSeries™ provides the capability to associate trigger
|
||
|
programs with database files. Trigger-program capability is common across
|
||
|
the industry for high-function database managers.</p>
|
||
|
<p>When you associate a trigger program with a database file, you specify
|
||
|
when the trigger program runs. For example, you can set up the customer order
|
||
|
file to run a trigger program whenever a new record is added to the file.
|
||
|
When the customer's outstanding balance exceeds the credit limit, the trigger
|
||
|
program can print a warning letter to the customer and send a message to the
|
||
|
credit manager.</p>
|
||
|
<div class="p">Trigger programs are a productive way both to provide application functions
|
||
|
and to manage information. Trigger programs also provide the ability for someone
|
||
|
with devious intentions to create a <span class="q">"Trojan horse"</span> on your system. A
|
||
|
destructive program can be sitting and waiting to run when a certain event
|
||
|
occurs in a database file on your system. <div class="note"><span class="notetitle">Note:</span> In history, the Trojan horse
|
||
|
was a large hollow wooden horse that was
|
||
|
filled with Greek soldiers. After the horse was introduced within the walls
|
||
|
of Troy, the soldiers climbed out of the horse and fought the Trojans. In
|
||
|
the computer world, a program that hides destructive functions is often called
|
||
|
a Trojan horse.</div>
|
||
|
</div>
|
||
|
<p>When your system ships, the ability to add a trigger program to a database
|
||
|
file is restricted. If you are managing object authority carefully, the typical
|
||
|
user will not have sufficient authority to add a trigger program to a database
|
||
|
file. (Appendix D in the <cite>iSeries Security Reference</cite> book
|
||
|
tells the authority that is required or all commands, including the Add Physical
|
||
|
File Trigger (ADDPFTRG) command.</p>
|
||
|
<p>You can use the Print Trigger Programs (PRTTRGPGM)
|
||
|
command to print a list of all the trigger programs in a specific library
|
||
|
or in all libraries. The following example shows the report:</p>
|
||
|
<pre> Trigger Programs (Full Report)
|
||
|
|
||
|
Specified library . . . . . . : CUSTLIB
|
||
|
Trigger Trigger Trigger Trigger Trigger
|
||
|
Library File Library Program Time Event Condition
|
||
|
CUSTLIB MB106 ARPGMLIB INITADDR Before Update Always
|
||
|
CUSTLIB MB107 ARPGMLIB INITNAME Before Update Always</pre>
|
||
|
<p>You can use the initial report as a base to evaluate any trigger programs
|
||
|
that already exist on your system. Then, you can print the changed report
|
||
|
regularly to see whether new trigger programs have been added to your system.</p>
|
||
|
<div class="p">When you evaluate trigger programs, consider the following questions: <ul><li>Who created the trigger program? You can use the Display Object Description
|
||
|
(DSPOBJD) command to determine this.</li>
|
||
|
<li>What does the program do? You will have to look at the source program
|
||
|
or talk to the program creator to determine this. For example, does the trigger
|
||
|
program check to see who the user is? Perhaps the trigger program is waiting
|
||
|
for a particular user (QSECOFR) in order to gain access to system resources.</li>
|
||
|
</ul>
|
||
|
</div>
|
||
|
<p>After you have established a base of information, you can print the changed
|
||
|
report regularly to monitor new trigger programs that have been added to your
|
||
|
system. The following example shows the changed report:</p>
|
||
|
<pre> Trigger Programs (Changed Report)
|
||
|
Specified library . . . . . . : LIBX
|
||
|
Last changed report . . . . . : 96/01/21 14:33:37
|
||
|
Trigger Trigger Trigger Trigger Trigger
|
||
|
Library File Library Program Time Event Condition
|
||
|
INVLIB MB108 INVPGM NEWPRICE After Delete Always
|
||
|
INVLIB MB110 INVPGM NEWDSCNT After Delete Always</pre>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rbaforzahftrb2.htm" title="These topics discuss recommendations, precautions, and error messages for trigger programs. Information about monitoring and commitment control is also included.">Other important information about working with triggers</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|