STIGQter STIGQter: STIG Summary: z/OS RACF STIG Version: 6 Release: 43 Benchmark Date: 24 Jan 2020: Access to SYS(x).TRACE is not limited to system programmers only.

DISA Rule

SV-127r2_rule

Vulnerability Number

V-127

Group Title

ACP00220

Rule Version

ACP00220

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The IAO will ensure that access to SYS1.TRACE is limited to system programmers only.

Check Contents

a) Refer to the following report produced by the Data Set and Resource Data Collection:

- SENSITVE.RPT(TRACERPT)

Automated Analysis
Refer to the following report produced by the Data Set and Resource Data Collection:

- PDI(ACP00220)

___ The ACP data set rule for SYS1.TRACE allows inappropriate access.

___ The ACP data set rule for SYS1.TRACE does not restrict access to systems programming personnel and started tasks that perform GTF processing.

b) If both of the above are untrue, there is NO FINDING.

c) If either of the above is true, this is a FINDING.

Vulnerability Number

V-127

Documentable

False

Rule Version

ACP00220

Severity Override Guidance

a) Refer to the following report produced by the Data Set and Resource Data Collection:

- SENSITVE.RPT(TRACERPT)

Automated Analysis
Refer to the following report produced by the Data Set and Resource Data Collection:

- PDI(ACP00220)

___ The ACP data set rule for SYS1.TRACE allows inappropriate access.

___ The ACP data set rule for SYS1.TRACE does not restrict access to systems programming personnel and started tasks that perform GTF processing.

b) If both of the above are untrue, there is NO FINDING.

c) If either of the above is true, this is a FINDING.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

106

Comments