STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM z/OS FTP.DATA configuration statements for the FTP Server must be specified in accordance with requirements.

DISA Rule

SV-223739r604139_rule

Vulnerability Number

V-223739

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RACF-FT-000070

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Configure the FTP configuration to include the UMASK statement with a value of 077.

If the FTP Server requires a UMASK value less restrictive than 077, requirements should be justified and documented with the ISSO.

Check Contents

Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL.

If the UMASK statement is coded with a value of 077, this is not a finding.

Vulnerability Number

V-223739

Documentable

False

Rule Version

RACF-FT-000070

Severity Override Guidance

Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL.

If the UMASK statement is coded with a value of 077, this is not a finding.

Check Content Reference

Target Key

4101

IBM z/OS FTP.DATA configuration statements for the FTP Server must be specified in accordance with requirements.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments