STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The number of ACF2 users granted the special privilege OPERATOR must be kept to a strictly controlled minimum.

DISA Rule

SV-223424r533198_rule

Vulnerability Number

V-223424

Group Title

SRG-OS-000080-GPOS-00048

Rule Version

ACF2-ES-000030

Severity

CAT II

CCI(s)

• CCI-000213 - The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.

Weight

10

Fix Recommendation

Ensure that access to the special privilege "OPERATOR" is kept to a minimum and limited to systems programmer, security manager and operations personnel.

Check Contents

From the ISPF Command enter:
ACF
SET LID
SET VERBOSE
LIST IF(OPERATOR)

If the number of users granted the special privilege PPGM is strictly controlled and limited to systems programmer and operations personnel, this not a finding.

If the number of users granted the special privilege PPGM is not strictly controlled and limited to systems programmer and operations personnel, this is a finding.

Vulnerability Number

V-223424

Documentable

False

Rule Version

ACF2-ES-000030

Severity Override Guidance

From the ISPF Command enter:
ACF
SET LID
SET VERBOSE
LIST IF(OPERATOR)

If the number of users granted the special privilege PPGM is strictly controlled and limited to systems programmer and operations personnel, this not a finding.

If the number of users granted the special privilege PPGM is not strictly controlled and limited to systems programmer and operations personnel, this is a finding.

Check Content Reference

M

Target Key

4100

Comments