IBM RACF must define UACC of NONE on all profiles.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-98261 | RACF-OS-000210 | SV-107365r1_rule | High |
| Description |
|---|
| The operating system must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs. |
| STIG | Date |
|---|---|
| IBM z/OS RACF Security Technical Implementation Guide | 2020-06-29 |
Details
| Check Text ( C-97097r1_chk ) |
|---|
| Review all Dataset and resource profiles in the RACF database. If any are not defined with UACC NONE, this is a finding. |
| Fix Text (F-103937r1_fix) |
|---|
| Define each dataset and resource profile with UACC(NONE) |