Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-166 | ACF0660 | SV-166r2_rule | DCCS-1 DCCS-2 | Low |
Description |
---|
Users may execute programs without ACP security checking or auditing. This could result in the compromise of the confidentiality, integrity, and availability of the operating system, ACP, and customer data. |
STIG | Date |
---|---|
z/OS ACF2 STIG | 2018-10-04 |
Check Text ( C-257r1_chk ) |
---|
a) Refer to the following reports produced by the ACF2 Data Collection: - ACF2CMDS.RPT(ACFGSO) - ACF2CMDS.RPT(ATTMAINT) Automated Analysis Refer to the following report produced by the ACF2 Data Collection Checklist: - PDI(ACF0660) b) If every maintenance logonid has a corresponding GSO MAINT record, there is NO FINDING. c) If any maintenance logonid does not have a corresponding GSO MAINT record, this is a FINDING. |
Fix Text (F-27346r1_fix) |
---|
The IAO will ensure that an associated GSO maintenance record exists for each special user logonid identifying the program(s) that it is permitted to access and the library where the program(s) resides. An associated GSO MAINT record will exist for each special user logonid, identifying the program(s) that it is permitted to access and the library where the program(s) resides. Every maintenance logonid has a corresponding GSO MAINT record. Example: SET C(GSO) INSERT MAINT.DFSMSHSM LIBRARY(SYS1.LINKLIB) LID(HSMDFDSS) PGM(ADRDSSU) F ACF2,REFRESH(MAINT) |