The Split Personality of OS/400: Difference between revisions
No edit summary |
(+Cat) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 6: | Line 6: | ||
== Security implications == | == Security implications == | ||
While the classical side of OS/400 (and z/OS) implement many security-enhancing measures | While the classical side of OS/400 (and z/OS) implement many security-enhancing measures that make it difficult to exploit a properly installed and configured machine, the more and more prevalent availability of PASE (and it's z/OS equivalent) with a multitude of available [[wikipedia:Open-source_software|OSS]] tools expose an increasing surface for threats. | ||
[[Category: Basic Knowledge]] | [[Category: Basic Knowledge]] | ||
[[Category: Musings]] | |||
Revision as of 17:45, 15 March 2020
The split personality of OS/400 is a somewhat exaggerated short statement that OS/400 implements an UNIX-Shell since early versions. This qsh provides a limited runtime environment borrowed from AIX. There are some basic UNIX tools available, like ls, find and so on.
This limited shell can be expanded to a more sophisticated environment thru the installation of PASE. With this installation also comes a ssh-Server. This leads to to a funny side effect:
- When you telnet to an AS/400, you get the classic AS/400 signon screen with the classic menu- and forms-driven environment,
- When you ssh to an AS/400 you will be directed to an UNIX shell, within the PASE environment.
Security implications
While the classical side of OS/400 (and z/OS) implement many security-enhancing measures that make it difficult to exploit a properly installed and configured machine, the more and more prevalent availability of PASE (and it's z/OS equivalent) with a multitude of available OSS tools expose an increasing surface for threats.