Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The ROSCOE's Resource Class is not defined or active in the ACP.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-224340 | ZROSA038 | SV-224340r822585_rule | Medium |
| Description |
|---|
| Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data. |
| STIG | Date |
|---|---|
| z/OS ROSCOE for ACF2 Security Technical Implementation Guide | 2022-03-22 |
Details
| Check Text ( C-26017r822583_chk ) |
|---|
| Ensure that the following GSO CLASMAP record entries are defined: CLASMAPqual RESOURCE(ROSRES) RSRCTYPE(rosid) ENTITYLN(nn) If all of the items in (b) are true, this is not a finding. If any item in (b) is untrue, this is a finding. Note: The site determines the appropriate three letter RSRCTYPE that is unique for each Roscoe system. The ENTITYLN should be appropriate for the site’s installation. |
| Fix Text (F-26005r822584_fix) |
|---|
| Use SAF security to define and protect the Products resource class(es). Ensure that the following GSO CLASMAP record entry(ies) is (are) defined: CLASMAP.ROSCOE ENTITYLN(nn) RESOURCE(ROSRES) RSRCTYPE(rosid) Note: The site determines the appropriate three letter RSRCTYPE that is unique for each Roscoe system. The ENTITYLN should be appropriate for the site’s installation. Example: SET C(GSO) LIST CLASMAP.ROSCOE INSERT CLASMAP.ROSCOE ENTITYLN(39) RESOURCE(ROSRES) RSRCTYPE(ROS) F ACF2,REFRESH(CLASMAP) |