ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamv_5.4.0.1/rzamvrestoreprog.htm

89 lines
5.9 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Restore programs" />
<meta name="abstract" content="Restoring programs to your system that are obtained from an unknown source poses a security exposure. Programs might perform operations that break your security requirements. Of particular concern are programs that contain restricted instructions, programs that adopt their owner authority, and programs that have been tampered with." />
<meta name="description" content="Restoring programs to your system that are obtained from an unknown source poses a security exposure. Programs might perform operations that break your security requirements. Of particular concern are programs that contain restricted instructions, programs that adopt their owner authority, and programs that have been tampered with." />
<meta name="DC.Relation" scheme="URI" content="rzamvrestoresecinfo.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="restoreprog" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Restore programs</title>
</head>
<body id="restoreprog"><a name="restoreprog"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Restore programs</h1>
<div><p>Restoring programs to your system that are obtained from
an unknown source poses a security exposure. Programs might perform operations
that break your security requirements. Of particular concern are programs
that contain restricted instructions, programs that adopt their owner authority,
and programs that have been tampered with.</p>
<p>This includes object types *PGM, *SRVPGM, *MODULE, and *CRQD. You can use
the QVFYOBJRST, QFRCCVNRST, and QALWOBJRST system values to prevent these
object types from being restored to your system. See Security-Related Restore
System Values for more information about these system values. </p>
<div class="p">The system uses a validation value to help protect programs. This value
is stored with a program and recalculated when the program is restored. The
systems actions are determined by the ALWOBJDIF parameter on the restore
command and the force conversion on restore (QFRCCVNRST) system value. <div class="note"><span class="notetitle">Note:</span> Programs
that are created for systems running Version 5 Release 1 or later versions
of OS/400<sup>®</sup> or i5/OS™ contain
information that allows the program to be re-created at restore time if necessary.
The information needed to re-create the program remains with the program even
when the observability of the program is removed. If a program validation
error is determined to exist at the time the program is restored, the program
will be re-created in order to correct the program validation error. The action
of re-creating the program at restore time is not new to iseries Version 5
Release 1. In previous releases, any program validation error that was encountered
at restore time resulted in the program being re-created if possible (if observability
existed in the program being restored). The difference with Version 5 Release
1 or later versions of programs is that the information needed to re-create
these programs remain, even when observability is removed from the program. </div>
</div>
<p>Restoring Programs That Adopt the Owners Authority: </p>
<div class="p">When a program is restored that adopts owner authority, the ownership and
authority to the program may be changed. The following applies: <ul><li>The user profile doing the restore operation must either own the program
or have *ALLOBJ and *SECADM special authorities. </li>
<li>The user profile doing the restore operation can receive the authority
to restore the program by<ul><li>Being the program owner.</li>
<li>Being a member of the group profile that owns the program (unless you
have private authority to the program).</li>
<li>Having *ALLOBJ and *SECADM special authority.</li>
<li> Being a member of a group profile that has *ALLOBJ and *SECADM special
authority.</li>
<li>Running under adopted authority that meets one of the tests just listed.</li>
</ul>
</li>
<li> If the restoring profile does not have adequate authority, all public
and private authorities to the program are revoked, and the public authority
is changed to *EXCLUDE. </li>
<li>If the owner of the program does not exist on the system, ownership is
given to the QDFTOWN user profile. Public authority is changed to *EXCLUDE
and the authorization list is removed.</li>
</ul>
</div>
<p>Refer to <a href="rzamvrestorelicprog.htm#restorelicprog">Restore licensed
programs</a> for more information.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvrestoresecinfo.htm" title="Recovering your system often requires restoring data and associated security information.">Restore security information</a></div>
</div>
</div>
</body>
</html>