How the system restores programs

Restoring programs to your system represents a security exposure. A restored program might have been altered to perform functions that you do not intend, or the program might adopt the authority of a powerful user profile.

When the QSECURITY (security level) system value on your system is 40 or higher, the system checks for restricted instructions in all programs that are restored. You can use the QALWOBJRST system value to allow or prevent the restoration of certain types of objects on your system. You can also set the QVFYOBJRST (verify object on restore) system value to specify how the system verifies program-object signatures during a restore operation.

For an object to be restored successfully, it must pass the checks of three system values that work together during a restore operation: verify object signatures during restore (QVFYOBJRST), force conversion on restore (QFRCCVNRST), and allow restore of security-sensitive objects (QALWOBJRST). However, if the Force object conversion (FRCOBJCVN) parameter on the restore command being used and the force conversion on restore (QFRCCVNRST) system value are not compatible, no conversion occurs and nothing is restored.

The system stores a validation value for all programs. When a program is restored, the system calculates the validation value and compares it to the value on the media. You can use the convert objects during restore (QFRCCVNRST) and allow restore of security-sensitive objects (QALWOBJRST) system values to control the action to take when restoring programs with validation errors. You can choose to have the system re-create the program. If re-creation is successful, the program is restored and the validation error is corrected. If re-creation is not successful, the program is not restored. As an alternative, you can choose not to have the system attempt re-creation and not allow any program with a validation error to be restored. A third alternative is to not attempt re-creation and have the system restore the program with the validation error (which might be a security risk). The system contains all the information necessary to re-create an IBM® i program.
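A quick audit of the system values named above, as an added example rather than IBM-supplied code: this CL program retrieves the four values and flags settings that relax the restore checks. The program name CHKRSTVAL and the message texts are hypothetical; the QALWOBJRST values *ALL and *ALWVLDERR are IBM i values that this page does not list.

```cl
/* CHKRSTVAL: hypothetical name. Added example, not IBM-supplied code.      */
/* Reports restore-related system values that relax program-restore checks. */
PGM
  DCL VAR(&SECLVL) TYPE(*CHAR) LEN(2)    /* QSECURITY                  */
  DCL VAR(&VFY)    TYPE(*CHAR) LEN(1)    /* QVFYOBJRST                 */
  DCL VAR(&FRC)    TYPE(*CHAR) LEN(1)    /* QFRCCVNRST                 */
  DCL VAR(&ALW)    TYPE(*CHAR) LEN(150)  /* QALWOBJRST: 15 x 10 chars  */
  DCL VAR(&POS)    TYPE(*INT)  LEN(4)    /* Offset of current entry    */
  DCL VAR(&VLDERR) TYPE(*LGL)  VALUE('0') /* Set when errors allowed   */

  RTVSYSVAL SYSVAL(QSECURITY)  RTNVAR(&SECLVL)
  RTVSYSVAL SYSVAL(QVFYOBJRST) RTNVAR(&VFY)
  RTVSYSVAL SYSVAL(QFRCCVNRST) RTNVAR(&FRC)
  RTVSYSVAL SYSVAL(QALWOBJRST) RTNVAR(&ALW)

  /* The restricted-instruction check on restore applies at level 40 or higher. */
  IF COND(&SECLVL *LT '40') THEN(SNDPGMMSG +
       MSG('QSECURITY is below 40, the level at which restored +
            programs are checked for restricted instructions'))

  /* Walk the 10-character entries of QALWOBJRST. *ALL or *ALWVLDERR */
  /* lets a program with a validation error be restored.             */
  DOFOR VAR(&POS) FROM(1) TO(141) BY(10)
    IF COND((%SST(&ALW &POS 10) *EQ '*ALL') *OR +
            (%SST(&ALW &POS 10) *EQ '*ALWVLDERR')) +
         THEN(CHGVAR VAR(&VLDERR) VALUE('1'))
  ENDDO
  IF COND(&VLDERR) THEN(SNDPGMMSG +
       MSG('QALWOBJRST permits restoring programs with validation errors'))

  /* Always report the signature and conversion settings for review. */
  SNDPGMMSG MSG('QVFYOBJRST=' *CAT &VFY *BCAT 'QFRCCVNRST=' *CAT &FRC)
ENDPGM
```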

The system can now create *MODULE, *PGM, and *SRVPGM objects that take advantage of the latest hardware features of the system on which they are created or converted. New hardware features can be used immediately. In V5R4 and previous releases, the system did not use new processor features until all models supported by the current release of the operating system had the new feature. For more information, see the Adaptive Code Generation section in the Advanced Optimization Techniques chapter of ILE Concepts.

Programs that use the latest hardware features might require conversion when moved to a different system that is at the same or different (earlier or later) release level, but running on an older version of the hardware. The program might require conversion because it uses at least one feature not supported by the system to which the object is being restored. To restore a program without converting it, set the Force conversion on restore system value (QFRCCVNRST) to 0 before restoring the program and set the parameters of your restore command to not force conversion during restore.

When an external procedure associated with an Integrated Language Environment® (ILE) external program is created, an attempt is made to save the attributes for the procedure in the associated program object. If the *PGM object is saved and then restored to this or another system, the catalogs are automatically updated with those attributes.

The attributes can be saved for external procedures subject to the following restrictions:

  • The external program library must not be QSYS or QSYS2.
  • The external program must exist when the CREATE PROCEDURE statement is issued.
  • The external program must be an ILE *PGM object.
  • The external program must contain at least one Structured Query Language (SQL) statement.
  • If the object cannot be updated, the procedure will still be created.

During the restore operation of the procedure, the following items might occur:

  • If the specific name was specified when the procedure was originally created and it is not unique, an error is issued.
  • If the specific name was not specified, a unique name is generated, if necessary.
  • If the procedure name and number of parameters are not unique, the procedure cannot be registered, and an error is issued.