STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM z/OS ACF2 Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:SV-223453r533198_rule
V-223453
SRG-OS-000080-GPOS-00048
ACF2-ES-000320
CAT I
10
Configure update and allocate access to SYS1.SVCLIB to be limited to system programmers only and all Update and Allocate access is logged and reviewed. Evaluate the impact of correcting the deficiency. Develop a plan of action and implement the changes for SYS1.SVCLIB. SYS1.SVCLIB contains SVCs and I/O appendages as such: they are very powerful and will be strictly controlled to avoid compromising system integrity.
Execute a data set list of access for SYS1.SVCLIB.
If all of the following are true, this is not a finding.
If any of the following are untrue this is a finding.
ESM data set rules for SYS1.SVCLIB restrict UPDATE and/or ALTER access to only z/OS systems programming personnel.
ESM data set rules for SYS1.SVCLIB specify that all (i.e., failures and successes) UPDATE and/or ALTER access will be logged.
V-223453
False
ACF2-ES-000320
Execute a data set list of access for SYS1.SVCLIB.
If all of the following are true, this is not a finding.
If any of the following are untrue this is a finding.
ESM data set rules for SYS1.SVCLIB restrict UPDATE and/or ALTER access to only z/OS systems programming personnel.
ESM data set rules for SYS1.SVCLIB specify that all (i.e., failures and successes) UPDATE and/or ALTER access will be logged.
M
4100