The following information is a collection of tips to help you detect
potential security exposures.
Check for altered objects
This article describes how to use the Check Object Integrity (CHKOBJITG) command to look for objects that have been altered.
Evaluate registered exit programs
You can use the system registration function to register exit programs that should be run when certain events occur. To list the registration information on your system, type WRKREGINF OUTPUT(*PRINT).
Check for user objects in protected libraries
Use object authority to control who can add programs to protected libraries. User objects other than programs can represent a security exposure when they are in system libraries.
Limit the use of adopted authority
When a program runs, the program can use adopted authority to gain access to objects in two different ways:
Monitor abnormal deletions
The Print Private Authorities (PRTPVTAUT) command allows you to print a report of all the private authorities for objects of a specified type in a specified library, folder, or directory.
Monitor abnormal system use
This article describes the task, monitor abnormal system use, explains why it is important, and provides step-by-step instructions.
Monitor for use of trigger programs
This article describes the task, monitor for use of trigger programs, explains why it is important, and provides step-by-step instructions.
Prevent new programs from using adopted authority
The passing of adopted authority to programs located later in the stack provides an opportunity for a knowledgeable programmer to create a Trojan horse program.
Use digital signatures to protect software integrity
Using digital signatures gives you greater control over which software can be loaded onto your system, and allows you more power to detect changes once it has been loaded.