The number of users granted the special privilege PPGM is not justified.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-180 | ACF0840 | SV-180r2_rule | DCCS-1 DCCS-2 | Medium |
| Description |
|---|
| Users with this privilege may have access to powerful utilities and could intentionally or inadvertently compromise operating system integrity or destroy data on a large-scale basis. Misuse of these utilities could result in the compromise of the confidentiality, integrity, and availability of the operating system, ACP, or customer data. |
| STIG | Date |
|---|---|
| z/OS ACF2 STIG | 2019-12-12 |
Details
| Check Text ( C-272r1_chk ) |
|---|
| a) Refer to the following report produced by the ACF2 Data Collection: - ACF2CMDS.RPT(ATTPPGM) Automated Analysis Refer to the following report produced by the ACF2 Data Collection Checklist: - PDI(ACF0840) b) If the number of users granted the special privilege PPGM is strictly controlled and limited to systems programmer and operations personnel, there is NO FINDING. c) If the number of users granted the special privilege PPGM is not strictly controlled and limited to systems programmer and operations personnel, this is a FINDING. |
| Fix Text (F-17368r1_fix) |
|---|
| The IAO will ensure that access to the special privilege PPGM is kept to a minimum and limited to systems programmer and operations personnel Review all LOGONIDs with the PPGM attribute. |