Actions That Update the "Change Date/Time" Field on the DSPOBJD Command
This document specifies the actions that cause the "Change Date/Time" field on the DSPOBJD display to be updated.
Resolving the problem
The following options cause the Change Date/Time field on the DSPOBJD display to be updated:
|o||EDTOBJAUT (when authority to *PUBLIC is changed)|
|o||GRTOBJAUT (when authority to *PUBLIC is changed)|
The following options are specific to *LIB objects and cause the Change Date/Time field on the DSPOBJD display to be updated:
|o||Re-creating an object into the library|
|o||Renaming an object in the library|
|o||Moving an object from/to the library|
|o||Deleting an object in the library|
|o||Changing the library with the CHGOBJD, CHGLIB, CHGOBJAUD, CHGOBJOWN, CHGOBJPGP cmds|
|o||Saving a database file in the library, this includes SAVLIB, SAVOBJ, SAVCHGOBJ, or anything that saves a DB file.|
The following options are specific to *PGM objects and cause the Change Date/Time field on the DSPOBJD display to be updated:
|o||Compressing or decompressing a *PGM object with the CPROBJ or DCPOBJ commands.|
|o||Using CHGPGM, except when message CPC0541- No change required is received.|
|o||Using UPDPGM. This is applicable only to ILE programs.|
For releases R530 and older, refer to APAR SE18894 for additional information for SQL program objects. The APAR states the following:
Change Date/Time of SQLRPG and RPGLE programs will change on the first run of the program. RPG and RPGLE program Change Date/Time entries are only modified if there is embedded SQL. RPG and RPGLE programs without SQL will only modify the Change Date/Time when the program is recompiled. The change occurs regardless of the users authority to the program object.
Everything is working as designed.
The space being changed is the associated space used by the database to store access plans. When this space is extended to create more room for the new access plans, it causes the CHANGE time stamp to be updated.
From talking to the security team and skimming the information in the Security Reference guide Appendix E, there is not a requirement to audit this activity.
For the question on allowing the program to be changed by an unauthorized user, it will be argued that the user is not changing the program. It is the system that is changing the program for the system's own use.
|Operating System||IBM i 7.1|
|Operating System||IBM i 6.1|
More support for:
Job and system Management
Software version: 5.4.0, 5.4.5, 6.1, 6.1.0, 6.1.1, 7.1, 7.1.0
Operating system(s): IBM i
Reference #: N1014753
Modified date: 28 February 2013