UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The IBM z/OS user account for the UNIX kernel (OMVS) must be properly defined to the security database.


Overview

Finding ID Version Rule ID IA Controls Severity
V-98425 RACF-US-000220 SV-107529r1_rule Medium
Description
To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
STIG Date
IBM z/OS RACF Security Technical Implementation Guide 2020-06-29

Details

Check Text ( C-97261r1_chk )
If OMVS userid is defined to the ESM as follows, this is not a finding.

No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
Default group specified as OMVSGRP or STCOMVS
UID(0)
HOME directory specified as “/”
Shell program specified as “/bin/sh”
Fix Text (F-104101r1_fix)
Define OMVS userid to the ESM as specified below:

No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
Default group specified as OMVSGRP or STCOMVS
UID(0)
HOME directory specified as “/”
Shell program specified as “/bin/sh”