UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

ACIDs were found having access FAC(*ALL*).


Overview

Finding ID Version Rule ID IA Controls Severity
V-246 TSS0990 SV-246r2_rule DCCS-1 DCCS-2 Medium
Description
All users with the exception of the master security control ACID must be authorized to a facility in order to sign on to it. When a user is granted FACILITY(*ALL*) , it gives the user access to all facilities. Users should be limited to access only those facilities that are required to perform their jobs successfully.
STIG Date
z/OS TSS STIG 2017-06-26

Details

Check Text ( C-20461r1_chk )
Refer to the following reports produced by the TSS Data Collection:

- TSSCMDS.RPT(@ACIDS)
- TSSCMDS.RPT(@ALL)

Automated Analysis
Refer to the following report produced by the TSS Data Collection:

- PDI(TSS0990)

Ensure that no ACID(s) is (are) assigned FACILITY(*ALL*).
Fix Text (F-24082r1_fix)
The IAO will ensure that blanket access to all facilities; FACILITY(ALL), is never granted.

Review all access to FACILITY(*ALL*). Evaluate the impact of correcting the deficiency. Develop a plan of action and remove access to FAC(*ALL*).

Example:
TSS REM(acid) FAC(ALL)