A scan would occur when the object is accessed if the global signature
is different from the object's signature.
The global or independent ASP group signatures represent the level of software
associated with the scan-related exit programs.
The object signature reflects the global or independent ASP signature when
the object was last scanned. When an object is not in an independent ASP group,
the object signature is compared to the global scan signature. If the object
is in an independent ASP, the object signature is compared to the associated
independent ASP group scan signature.
Note: In the following example, the phrases scan key and scan key signature
are used. The scan key is a method to identify one set of scanning software.
An example of this is for a specific company. The scan key signature allows
the set of scanning software to indicate the level of support it provides.
One example of this is a set of virus definitions.
Here is an example of when an object is not in an independent ASP group
and a scan occurs:
- An exit program is registered to the QIBM_QP0L_SCAN_OPEN exit point. A
scan key and a scan key signature were specified as follows:
Scan key: XXXXXX
Scan key signature: 0000000000
The global scan signature is 0000 and
is not updated.
- An exit program is then registered to the QIBM_QP0L_SCAN_CLOSE exit point.
A scan key and a scan key signature were specified as follows:
Scan key: XXXXXX
Scan key signature: 1111111111
The global scan signature is then updated
to 0001.
- Next, a file is opened that currently has an object signature of 0000.
The existence of the exit programs, coupled with the difference in global
scan signatures (0000 to 0001), initiates a scan. When the scan
completes successfully, the file signature is updated to 0001.
- If the file is opened by another user, it will not be re-scanned since
the object and global signatures match.
The example below displays that the exit program wants to cause a re-scan
to occur:
- Support has been added to the system to scan for new types of viruses.
The Change Scan Signature (QP0LCHSG) API is called to update
the scan keys' scan key signature. A scan key and a scan key signature are
specified as follows:
Scan key: XXXXXX
Scan key signature: 2222222222
The global scan key signature is then
updated to 0002.
- If the previously scanned file is now opened, the difference in signatures
will cause a re-scan.
The example continues on to show when an object is in an independent ASP
group:
- An independent ASP is varied on for the first time and a file in the independent
ASP is opened. When the first file is opened, the independent ASP scan key
list is compared to the system scan key list. The two are different because
of the fact that there is no independent ASP scan key list. In this case,
the independent ASP scan key list obtains the global scan key list. The independent
ASP scan key list would then have a scan key of XXXXXX and a scan key signature
of 2222222222. As a result, the independent ASP scan signature is changed
to 0001. When the file in the independent ASP is opened that currently has
an object signature of 0000, it is then compared to the independent ASP scan
signature of 0001, and because of the difference the file is scanned. When
scanned successfully, the file signature is updated to 0001.
Note: A signature change will trigger a scan unless the object has the 'object
change only' attribute and the *USEOCOATR system value specified.