Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-24380 | HLP0030 | SV-30055r1_rule | ECCD-1 ECCD-2 | Medium |
Description |
---|
Unrestricted control over the issuing of system commands by a Logical Partition could result in unauthorized data access and inadvertent updates. This could result in severe damage to system resources. |
STIG | Date |
---|---|
IBM HARDWARE MANAGEMENT CONSOLE (HMC) STIG | 2014-04-10 |
Check Text ( C-3642r1_chk ) |
---|
Using the Hardware Management Console, verify that the Logical Partitions cannot issue control program commands to another Logical Partition. Use the PR/SM panel, known as the Security Definitions Page, to do this. The Cross Partition Control option must be turned off. NOTE: The default is that the Cross Partition Control option is turned off. If Processor Resource/Systems Manager (PR/SM) allows unrestricted issuing of control program commands then this is a FINDING |
Fix Text (F-2347r1_fix) |
---|
Review the Security Definition parameters specified under PR/SM, and turn off the Cross Partition Control option. |