UCF STIG Viewer Logo

BMC Mainview for z/OS Resource Class will be defined or active in the ACP.


Overview

Finding ID Version Rule ID IA Controls Severity
V-224254 ZMVZA038 SV-224254r822582_rule Medium
Description
Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data.
STIG Date
z/OS BMC MAINVIEW for z/OS for ACF2 Security Technical Implementation Guide 2022-03-22

Details

Check Text ( C-25927r822580_chk )

If the following GSO CLASMAP record entries are defined this is not a finding.

CLASMAP.class RESOURCE(class) RSRCTYPE(type) ENTITYLN(nn)

Note: The site determines the appropriate three letter RSRCTYPE that is unique for Mainview. The ENTITYLN should be appropriate for the site’s installation.

If the following GSO SAFDEF record entries are defined this not a finding.

INSERT SAFDEF.ssid ID(BBCS) MODE(GLOBAL)REP -
RACROUTE(SUBSYS=ssid REQSTOR=-)
Fix Text (F-25915r822581_fix)
Use SAF security to define and protect the Products resouceresource class(es).

Ensure that the following GSO CLASMAP record entry(ies) is (are) defined:

CLASMAP.class RESOURCE(class) RSRCTYPE(type) ENTITYLN(nn)

Note: The site determines the appropriate three letter RSRCTYPE that is unique for Mainview. The ENTITYLN should be appropriate for the site’s installation.

Example:

SET C(GSO)
LIST CLASMAP.BMCVIEW
INSERT CLASMAP.BMCVIEW ENTITYLN(39) RESOURCE(BMCVIEW) RSRCTYPE(BBM)

F ACF2,REFRESH(CLASMAP)

Ensure that the following GSO SAFDEF record entry(ies) is (are) defined:

SAFDEF.ssid ID(BBCS) MODE(GLOBAL)REP RACROUTE(SUBSYS=ssid REQSTOR=-)

Example:

ACF
SET C(GSO)
LIST SAFDEF.ssid
INSERT SAFDEF.ssid ID(BBCS) MODE(GLOBAL)REP RACROUTE(SUBSYS=ssid REQSTOR=-)

F ACF2,REFRESH(SAFDEF)