× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



After installing vendor software signed on with *ALLOBJ authority you should
run a CHKOBJITG to look for IBM objects that fail a signature check. There
are several 3rd party vendors that modify QSYS objects using unsupported
interfaces. A CHKOBJITG will detect that. If something was changed that was
not documented or disclosed then I would question that.

To answer your question, yes I know of malicious code that ran/runs on
OS/400. And back doors can be installed by QPGMR just as easily as QSECOFR.
Since this is an open forum I'm going to leave it at that.

Some types of software, especially security software, is going to require
you to run programs at some time or another signed on with *ALLOBJ
authority. Whether that is at install time or any other time its all the
same. It would be nice if we could just have customers run commands we need
using standard IBM commands from a command line. But many APIs can't be run
from a command line because they require a complex set of parameters and
data structures. For example, how you would call an API from a command line
and pass on open file descriptor? You can't. So that requires you to sign on
with *ALLOBJ authority and run a menu option or vendor-supplied command.
Theoretically a back door could be installed at that time just as easily as
during install time.

In the end you should have a good trusting relationship with your software
vendor (or be dealing with an established business partner) when using
*ALLOBJ authority. Perhaps I would be suspicious of downloading something
off the Internet from an unknown company. On the other hand, I would be less
suspicous of installing SAP, or JDE, or any other advanced level IBM
business partner product, using *ALLOBJ authority. An established vendor is
not likely to risk their entire business to intentionally install a back
door on your computer for malicous purposes.

AS/400 is no different than Windows or Linux in this regard. Often times
those operating systems require admin/root authority to install also.
Otherwise all our users could just install code to the system and that would
not be desirable either.

Mike Grant
Bytware, Inc.
775-851-2900 

http://www.bytware.com



-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx 
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Keith Carpenter
Sent: Wednesday, June 14, 2006 12:44 PM
To: Midrange Systems Technical Discussion
Subject: Re: Installing 3rd Party Software using QSECOFR??


Raul A. Jager W. wrote:
A program that requires to be installed by QSECOFR can 
install a "Back 
Door" that enables an user to do anything QSECOFR can do in the 
computer.  Using QSECOFR to install a package is risky, you 
should only 
do it if you realy trust the provider of the software.

Just curious, if anyone ever heard of a virus and/or other purposely
malicious software for the System i/i5/iSeries/AS400 ?

I'm not arguing it's not possible, but rather it's not likely.

Mostly I'd like to know what's being installed or changed, so 
as to know
 what risks or problems are being created.  Helpful for uninstalling
software too.


A reason to requiere QSECOFR may be to install a "disabling 
feature" 
that you can not defeat.  This shows very little trust.

Some call this a license manager.  Defeating it could be a breach of
contract.  It certainly doesn't demonstrate much trust either.



Keith
-- 
This is the Midrange Systems Technical Discussion 
(MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


CONFIDENTIALITY NOTICE:  This e-mail message and any attachment to this e-mail 
message contain information that may be privileged and confidential.  This 
e-mail and any attachments are intended solely for the use of the individual or 
entity named above (the recipient) and may not be forwarded to or shared with 
any third party.  If you are not the intended recipient and have received this 
e-mail in error, please notify us by return e-mail or by telephone at 
775-851-2900 and delete this message.  This notice is automatically appended to 
each e-mail message leaving Bytware, Inc.  



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.