UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Resouce Class ROSRES is not defined or active in the ACP.


Overview

Finding ID Version Rule ID IA Controls Severity
V-225604 ZROST038 SV-225604r855204_rule Medium
Description
Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data.
STIG Date
z/OS ROSCOE for TSS Security Technical Implementation Guide 2022-10-10

Details

Check Text ( C-27304r520871_chk )
a) Refer to the following report produced by the ACP Data Collection:

- TSSCMDS.RPT(#RDT)

b) Ensure that Product Resource Class(es) is (are) defined in the Resource Definition Table as follows:

Note: Identify all of the attributes and charactistics of the Product resource class in the TSS Resource Definition Table (delete this note).

RESOURCE CLASS = ROSRES
RESOURCE CODE = X'hex code'
ATTRIBUTE = MASK|NOMASK,MAXOWN(08),MAXPERMIT(044),ACCESS,DEFPROT
ACCESS = NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000)
ACCESS = WRITE(2000),ALL(FFFF)
DEFACC = READ

c) If all of the items in (b) are true, there is NO FINDING.

d) If any item in (b) is untrue, this is a FINDING.
Fix Text (F-27292r520872_fix)
The IAO will ensure the Product resource class(es) is (are) defined in the TSS RDT. The IAO will issue one of the following commands to define the Product resource class(es):

TSS REPLACE(RDT) RESCLASS(ROSRES) -
MAXLEN(044) -
ATTR(MASK|NOMASK,DEFPROT) -
ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) -
DEFACC(READ)

TSS ADDTO(RDT) RESCLASS(ROSRES) -
RESCODE(hex-code) -
ATTR(MASK|NOMASK,DEFPROT) -
ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) -
DEFACC(READ)