Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The IBM z/OS user account for the UNIX kernel (OMVS) must be properly defined to the security database.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-223859 | RACF-US-000220 | SV-223859r604139_rule | Medium |
| Description |
|---|
| To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. |
| STIG | Date |
|---|---|
| IBM z/OS RACF Security Technical Implementation Guide | 2021-03-30 |
Details
| Check Text ( C-25532r515265_chk ) |
|---|
| If OMVS userid is defined to the ESM as follows, this is not a finding. No access to interactive on-line facilities (e.g., TSO, CICS, etc.) Default group specified as OMVSGRP or STCOMVS UID(0) HOME directory specified as “/” Shell program specified as “/bin/sh” |
| Fix Text (F-25520r515266_fix) |
|---|
| Define OMVS userid to the ESM as specified below: No access to interactive on-line facilities (e.g., TSO, CICS, etc.) Default group specified as OMVSGRP or STCOMVS UID(0) HOME directory specified as “/” Shell program specified as “/bin/sh” |