The Split Personality of OS/400

From Try-AS/400
Jump to navigation Jump to search

The split personality of OS/400 is a somewhat exaggerated short statement that OS/400 implements an UNIX-Shell since early versions. This qsh provides a limited runtime environment borrowed from AIX. There are some basic UNIX tools available, like ls, find and so on.

This limited shell can be expanded to a more sophisticated environment thru the installation of PASE. With this installation also comes a ssh-Server on newer OS releases. This leads to to a funny side effect:

  • When you telnet to an AS/400, you get the classic AS/400 signon screen with the classic menu- and forms-driven environment,
  • When you ssh to an AS/400 you will be directed to an UNIX shell, within the PASE environment.

Security implications

While the classical side of OS/400 (and z/OS) implement many security-enhancing measures that make it difficult to exploit a properly installed and configured machine, the more and more prevalent availability of PASE (and it's z/OS equivalent) with a multitude of available OSS tools expose an increasing surface for threats.