<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Verify object on restore" />
<meta name="abstract" content="The Verify Object on Restore (QVFYOBJRST) system value determines whether objects are required to have digital signatures in order to be restored to your system." />
<meta name="description" content="The Verify Object on Restore (QVFYOBJRST) system value determines whether objects are required to have digital signatures in order to be restored to your system." />
<meta name="DC.Relation" scheme="URI" content="rzamvrestoresysvalplan.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="verifyobjrestore" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Verify object on restore</title>
</head>
<body id="verifyobjrestore"><a name="verifyobjrestore"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Verify object on restore</h1>
<div><p>The Verify Object on Restore (QVFYOBJRST) system value determines
whether objects are required to have digital signatures in order to be restored
to your system.</p>
<p>You can prevent anyone from restoring an object, unless that object has
a proper digital signature from a trusted software provider. This value applies
to objects of types: *PGM, *SRVPGM, *SQLPKG, *CMD and *MODULE. It also applies
to *STMF objects which contain Java™ programs.</p>
<p>When an attempt is made to restore an object onto the system, three system
values work together as filters to determine if the object is allowed to be
restored. The first filter is the verify object on restore (QVFYOBJRST) system
value. It is used to control the restore of some objects that can be digitally
signed. The second filter is the force conversion on restore (QFRCCVNRST) system
value. This system value allows you to specify whether or not to convert programs,
service programs, SQL packages, and module objects during the restore.
It can also prevent some objects from being restored. Only objects that can
get past the first two filters are processed by the third filter. The third
filter is the allow object on restore (QALWOBJRST) system value. It specifies
whether or not objects with security-sensitive attributes can be restored.</p>
<p>If Digital Certificate Manager (i5/OS™ option 34) is not installed on the
system, all objects except those signed by a system trusted source are treated
as unsigned when determining the effects of the QVFYOBJRST system value during
a restore operation. A change to this system value takes effect immediately.</p>
<div class="note"><span class="notetitle">Note:</span> <ul><li>This system value is a restricted value. See Security System Values for
details on how to restrict changes to security system values and a complete
list of the restricted system values.</li>
<li>When your system is shipped, the QVFYOBJRST system value is set to 3.
If you change the value of QVFYOBJRST, it is important to set the QVFYOBJRST
value to 3 or lower before installing a new release of the i5/OS operating
system.</li>
</ul>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr valign="bottom"><th colspan="2" valign="bottom" id="d0e39">Possible values for the QVFYOBJRST system
value</th>
</tr>
</thead>
<tbody><tr><td valign="top" width="7.035175879396985%" headers="d0e39 ">1</td>
<td valign="top" width="92.96482412060301%" headers="d0e39 "><p>Do not verify signatures on restore. Restore all
objects regardless of their signature.</p>
<p>This value should not be used
unless you have signed objects to restore which will fail their signature
verification for some acceptable reason.</p>
</td>
</tr>
<tr><td valign="top" width="7.035175879396985%" headers="d0e39 ">2</td>
<td valign="top" width="92.96482412060301%" headers="d0e39 "><p>Verify objects on restore. Restore unsigned commands
and user-state objects. Restore signed commands and user-state objects, even
if the signatures are not valid.</p>
<p>This value should be used only if there
are specific objects with signatures that are not valid which you want to
restore. In general, it is dangerous to restore objects with signatures that
are not valid on your system.</p>
</td>
</tr>
<tr><td valign="top" width="7.035175879396985%" headers="d0e39 ">3</td>
<td valign="top" width="92.96482412060301%" headers="d0e39 "><p>Verify signatures on restore. Restore unsigned commands
and user-state objects. Restore signed commands and user-state objects only
if the signatures are valid.</p>
<p>This value may be used for normal operations,
when you expect some of the objects you restore to be unsigned, but you want
to ensure that all signed objects have signatures that are valid. Commands
and programs you have created or purchased before digital signatures were
available will be unsigned. This value allows those commands and programs
to be restored. This is the default value.</p>
</td>
</tr>
<tr><td valign="top" width="7.035175879396985%" headers="d0e39 ">4</td>
<td valign="top" width="92.96482412060301%" headers="d0e39 "><p>Verify signatures on restore. Do not restore unsigned
commands and user-state objects. Restore signed commands and user-state objects,
even if the signatures are not valid.</p>
<p>This value should be used only
if there are specific objects with signatures that are not valid which you
want to restore, but you do not want the possibility of unsigned objects being
restored. In general, it is dangerous to restore objects with signatures that
are not valid on your system.</p>
</td>
</tr>
<tr><td valign="top" width="7.035175879396985%" headers="d0e39 ">5</td>
<td valign="top" width="92.96482412060301%" headers="d0e39 "><p>Verify signatures on restore. Do not restore unsigned
commands and user-state objects. Restore signed commands and user-state objects
only if the signatures are valid.</p>
<p>This value is the most restrictive
value and should be used when the only objects you want to be restored are
those which have been signed by trusted sources.</p>
</td>
</tr>
</tbody>
</table>
</div>
<p>Objects which have the system-state attribute and objects which have the
inherit-state attribute are required to have valid signatures from a system
trusted source. The only value which will allow a system-state or inherit-state
object to restore without a valid signature is 1. Allowing such a command
or program represents an integrity risk to your system. If you change the
QVFYOBJRST system value to 1 to allow such an object to restore on your system,
be sure to change the QVFYOBJRST system value back to its previous value after
the object has been restored.</p>
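<p>The table of values, the Digital Certificate Manager rule and the system-state rule above can be modelled as one decision function. This is an added example, not IBM code: the class, field and function names are hypothetical, the sample objects are constructed, and only the QVFYOBJRST filter is covered (not QFRCCVNRST or QALWOBJRST).</p>

```python
# Added illustration of the QVFYOBJRST filter as this page describes it; names are hypothetical.
from dataclasses import dataclass

# Object types the page says QVFYOBJRST applies to (*STMF only when it holds Java programs).
COVERED_TYPES = {"*PGM", "*SRVPGM", "*SQLPKG", "*CMD", "*MODULE", "*STMF"}

@dataclass
class RestoreObject:
    obj_type: str
    state: str = "user"            # "user", "system" or "inherit"
    signed: bool = False
    signature_valid: bool = False
    system_trusted: bool = False   # signed by a system trusted source
    java_stmf: bool = False        # only meaningful for *STMF

def passes_qvfyobjrst(obj, value, dcm_installed=True):
    """Return True if obj gets past the first restore filter for this value."""
    if value not in (1, 2, 3, 4, 5):
        raise ValueError("QVFYOBJRST must be 1-5")
    if obj.obj_type not in COVERED_TYPES or (obj.obj_type == "*STMF" and not obj.java_stmf):
        return True                # the system value does not apply to this object
    if value == 1:
        return True                # no verification at all
    signed = obj.signed
    # Without Digital Certificate Manager, only system-trusted signatures count.
    if not dcm_installed and not obj.system_trusted:
        signed = False
    valid = signed and obj.signature_valid
    if obj.state in ("system", "inherit"):
        # Needs a valid signature from a system trusted source unless value is 1.
        return valid and obj.system_trusted
    if not signed:
        return value in (2, 3)     # 4 and 5 refuse unsigned objects
    return valid or value in (2, 4)  # 2 and 4 accept signatures that are not valid

def compare_values(obj, dcm_installed=True):
    """Map each QVFYOBJRST value to the filter outcome for one object."""
    return {v: passes_qvfyobjrst(obj, v, dcm_installed) for v in range(1, 6)}

# Constructed sample objects, not taken from a real save file.
UNSIGNED_PGM = RestoreObject("*PGM")
TAMPERED_CMD = RestoreObject("*CMD", signed=True, signature_valid=False)
VENDOR_PGM = RestoreObject("*PGM", signed=True, signature_valid=True)
PATCHED_SYS = RestoreObject("*PGM", state="system", signed=True, system_trusted=True)

if __name__ == "__main__":
    for name in ("UNSIGNED_PGM", "TAMPERED_CMD", "VENDOR_PGM", "PATCHED_SYS"):
        print(name, compare_values(globals()[name]))
```

<p>Running it shows which objects a change of value would start or stop admitting, for example that a validly signed vendor program is handled as unsigned when Digital Certificate Manager is not installed.</p>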
<div class="p">Some commands use a signature that does not cover all parts of the object.
Some parts of the command are not signed while other parts are only signed
when they contain a non-default value. This type of signature allows some
changes to be made to the command without invalidating its signature. Examples
of changes that will not invalidate these types of signatures include:<ul><li>Changing command defaults.</li>
<li>Adding a validity checking program to a command that does not have one.</li>
<li>Changing the <span class="uicontrol">where allowed to run</span> parameter.</li>
<li>Changing the <span class="uicontrol">allow limited user</span> parameter.</li>
</ul>
If you wish, you can add your own signature to these commands that includes
these areas of the command object. </div>
<p><span class="uicontrol">Recommended Value:</span> 3.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvrestoresysvalplan.htm" title="Restoring programs to your system represents a security exposure.">Security-related restore system values</a></div>
</div>
</div>
</body>
</html>