Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
CL/SuperSessions Resouce Class must be defined or active in the ACP.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-224467 | ZCLSR038 | SV-224467r952255_rule | Medium |
| Description |
|---|
| Failure to use a robust ACP to control a product could compromise the integrity and availability of the MVS operating system and user data. |
| STIG | Date |
|---|---|
| z/OS CL/SuperSession for RACF Security Technical Implementation Guide | 2024-02-19 |
Details
| Check Text ( C-26144r952253_chk ) |
|---|
| Refer to the following report produced by the RACF Data Collection: - RACFCMDS.RPT(SETROPTS) Automated Analysis (Currently there is no automation for version 3 of CL/SuperSession) Refer to the following report produced by the RACF Data Collection: - PDI(ZCLSR038) If the CL/SuperSession resource class(es) is (are) active, this is not a finding. |
| Fix Text (F-26132r952254_fix) |
|---|
| Ensure that the CL/SuperSession Resource Class(es) is (are) active. The SYS3.OMEGAMON.qualifier.RLSPARM(KLKINNAM) member for Version 3 of CL/Supersession or the SYS3.OMEGAMON.qualifier.RLSPARM(KLVINNAM) member for version 2 of CL/Superssion contains a "CLASSES=" entry, this entry identifies the member that contains the "VGWAPLST EXTERNAL=" entry. The "VGWAPLST EXTERNAL=" entry identifies the resource class that is used by CL/SuperSession and this resource class will be active. Current guidance identifies that APPL is the resource class identified in the above location. Use the following commands as an example: SETROPTS CLASSACT(APPL) |