UCF STIG Viewer Logo

The IBM z/OS user account for the UNIX kernel (OMVS) must be properly defined to the security database.


Overview

Finding ID Version Rule ID IA Controls Severity
V-223859 RACF-US-000220 SV-223859r604139_rule Medium
Description
To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
STIG Date
IBM z/OS RACF Security Technical Implementation Guide 2021-01-05

Details

Check Text ( C-25532r515265_chk )
If OMVS userid is defined to the ESM as follows, this is not a finding.

No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
Default group specified as OMVSGRP or STCOMVS
UID(0)
HOME directory specified as “/”
Shell program specified as “/bin/sh”
Fix Text (F-25520r515266_fix)
Define OMVS userid to the ESM as specified below:

No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
Default group specified as OMVSGRP or STCOMVS
UID(0)
HOME directory specified as “/”
Shell program specified as “/bin/sh”