Restoring programs to your system that are obtained from
an unknown source poses a security exposure. Programs might perform operations
that break your security requirements. Of particular concern are programs
that contain restricted instructions, programs that adopt their owner authority,
and programs that have been tampered with.
This includes object types *PGM, *SRVPGM, *MODULE, and *CRQD. You can use
the QVFYOBJRST, QFRCCVNRST, and QALWOBJRST system values to prevent these
object types from being restored to your system. See Security-Related Restore
System Values for more information about these system values.
The system uses a validation value to help protect programs. This value
is stored with a program and recalculated when the program is restored. The
system’s actions are determined by the ALWOBJDIF parameter on the restore
command and the force conversion on restore (QFRCCVNRST) system value.
Note: Programs
that are created for systems running Version 5 Release 1 or later versions
of OS/400® or i5/OS™ contain
information that allows the program to be re-created at restore time if necessary.
The information needed to re-create the program remains with the program even
when the observability of the program is removed. If a program validation
error is determined to exist at the time the program is restored, the program
will be re-created in order to correct the program validation error. The action
of re-creating the program at restore time is not new to iseries Version 5
Release 1. In previous releases, any program validation error that was encountered
at restore time resulted in the program being re-created if possible (if observability
existed in the program being restored). The difference with Version 5 Release
1 or later versions of programs is that the information needed to re-create
these programs remain, even when observability is removed from the program.
Restoring Programs That Adopt the Owner’s Authority:
When a program is restored that adopts owner authority, the ownership and
authority to the program may be changed. The following applies:
- The user profile doing the restore operation must either own the program
or have *ALLOBJ and *SECADM special authorities.
- The user profile doing the restore operation can receive the authority
to restore the program by
- Being the program owner.
- Being a member of the group profile that owns the program (unless you
have private authority to the program).
- Having *ALLOBJ and *SECADM special authority.
- Being a member of a group profile that has *ALLOBJ and *SECADM special
authority.
- Running under adopted authority that meets one of the tests just listed.
- If the restoring profile does not have adequate authority, all public
and private authorities to the program are revoked, and the public authority
is changed to *EXCLUDE.
- If the owner of the program does not exist on the system, ownership is
given to the QDFTOWN user profile. Public authority is changed to *EXCLUDE
and the authorization list is removed.
Refer to Restore licensed
programs for more information.