UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

IBM z/OS Default profiles must not be defined in TSS OMVS UNIX security parameters for classified systems.


Overview

Finding ID Version Rule ID IA Controls Severity
V-224090 TSS0-US-000170 SV-224090r877928_rule Medium
Description
Configuring the operating system to implement organization-wide security implementation guides and security checklists ensures compliance with federal standards and establishes a common security baseline across DoD that reflects the most restrictive security posture consistent with operational requirements.
STIG Date
IBM z/OS TSS Security Technical Implementation Guide 2023-03-20

Details

Check Text ( C-25763r516669_chk )
If the system in not classified this is not applicable.

From a command line issue the following command:
TSS MODIFY STATUS
Note: One must have appropriate access to perform this command (have the site security officer to issue command).

If system is classified and UNIQUSER is off i.e., (UNIQUSER(OFF) this is not a finding.
Fix Text (F-25751r516670_fix)
Ensure that Use of the OMVS default UIDs will not be allowed on any classified system.

Set Control Option UNIQUSER off.