Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6986 | ZUSS0042 | SV-7289r2_rule | DCCS-1 DCCS-2 | Medium |
Description |
---|
User identifiers (ACF2 logonids, RACF userids, and Top Secret ACIDs), groups, and started tasks that use z/OS UNIX facilities are defined to an ACP with attributes including UID and GID. If these attributes are not correctly defined, data access or command privilege controls could be compromised. |
STIG | Date |
---|---|
z/OS TSS STIG | 2018-01-05 |
Check Text ( C-4644r1_chk ) |
---|
Refer to the following report produced by the ACP Data Collection: ACF2 - ACF2CMDS.RPT(OMVSGRP) RACF - RACFCMDS.RPT(LISTGRP) Automated Analysis Refer to the following report produced by the z/OS Data Collection: - PDI(ZUSS0042) For ACF2 and RACF ensure that each GID is unique to a specific group. For TSS this is Not Applicable. |
Fix Text (F-18961r1_fix) |
---|
The systems programmer will verify that each group has a unique GID number, |