1.  Home
  2. MIDRANGE-L
  3. November 2025

Re: Moving to QSECURITY 40

So far, what I am finding is one call directly to a CPP instead of using
the command. The programmer nicely documented this and I've submitted a
project request to address this.
***********************************************************
* THIS IS A SOFT SPOT. It is a direct call of the program used by
* command DSPPGMMSG. If this call becomes invalid in a future IBM
* release, the messages can be discontinued or DSPMSGWIDE call used.
* This program was used because it seemed faster and cleaner than
* the DSPMSGWIDE program.
* The command itself was not used, because it would not permit
* its use in the current operating environment. A clone command
* could be created, but that would also be sensitive to new versions
* of the operating system, unless recreated with each upgrade.
***********************************************************

On Wed, Nov 5, 2025 at 3:42 PM Rob Berendt <robertowenberendt@xxxxxxxxx>
wrote:

I am following the security reference manual at
https://www.ibm.com/docs/en/ssw_ibm_i_76/pdf/sc415302.pdf
section "Changing to security level 40"

We already have the audit journal set up. I added *AUTFAIL and *PGMFAIL
and will monitor this with:
SELECT * FROM TABLE(
SYSTOOLS.AUDIT_JOURNAL_AF(
STARTING_TIMESTAMP => timestamp('2025-11-05-15.00.00')
))
-- where VIOLATION_TYPE IN('B', 'C', 'D', 'J', 'R', 'S')
;

Another step talks about "If you have any programs that were created
before Version 1 Release 3...". I should be able to find those with this,
right?
select RELEASE_CREATED_ON, PI.*
from qsys2.program_info PI
-- where PROGRAM_LIBRARY = 'ROUTINES'
ORDER BY RELEASE_CREATED_ON
;
So far the earliest is V3R6M0. Since that is after "Version 1 Release 3"
I should be ok, right?

What is interesting is finding vendor supplied programs with V4R1M0 and a
TEXT_DESCRIPTION of "(C) 2024...". Bet you can't guess it's a vendor we're
knocking upside the head to get tested for 7.6, eh? I suppose they could
be generating on ancient stuff and restoring on newer to test.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.