QDSIGNON:
The source code for the standard sign-on screen is provided in the source file QDDSSRC in library QGPL in member QDSIGNON. With the simple addition of the keyword LOGINP to this display file the user profile and password entered at sign-on is recorded in the job-log of the active interactive sub-system (usually QINTER).
The code snippet below illustrates where the LOGINP keyword could be inserted in the QDSIGNON source code.
A R SIGNON
A CLEAR
A LOGINP
A BLINK
A 01 23 ' Sign On
|
What is disconcerting is that IBOD can easily download this source member to his PC using FTP, make the change using his favorite text editor and then put it back again using FTP. What is comforting is that IBOD would then have to compile the display file object and change the sub-system description to apply the rouge sign-on screen and hopefully, object authority will prohibit him from doing this.
There once was a time when the sign-on banner was not qualified on the sub-system description, *LIBL was the default. These days it is qualified to library QSYS.
It is a nice feature to customize your sign-on banner to include your company name but you need to assure yourself that IBOD is not in your house and tampering with your sign-on banner in order to steal passwords. Even if you have not customized your sign-on banner, you should display the job-log of your active interactive sub-systems to ensure that user profile name and their associated passwords are not being captured.
|
