Is there a fail-safe way of identifying all the non-system objects in the system libraries?
There are two OS/400 commands that you might want to try. The first command is PRTUSROBJ - Print User Objects. It will list out non-system objects in libraries. In addition, if you run it against QSYS, it filters out some of the objects that can ONLY be created into that library. For example, libraries and authorization lists can only be created into the QSYS library so they are not listed in the report.
The other command that you might find useful is CHKOBJITG - Check Object Integrity. You can run it for all the objects a particular user owns or against all objects in a particular library or directory. This command checks objects to see if they have been altered via Display/Alter or other means. This is especially helpful in looking for user programs that have been altered to run as system programs. The command has been significantly enhanced in V5R1 to check for more issues.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: Tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Read this Search400 Featured Topic: Secure your iSeries
Dig Deeper on iSeries system and application security
Related Q&A from Carol Woodbury
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old ... Continue Reading
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the ... Continue Reading
When error messages arise concerning attempts to use a permanent system object without authority, find the source of the issue by looking for an AF ... Continue Reading