STIGQter STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM z/OS DFSMS-related RACF classes must be active.

DISA Rule

SV-223817r604139_rule

Vulnerability Number

V-223817

Group Title

SRG-OS-000080-GPOS-00048

Rule Version

RACF-SM-000030

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure SETRopts to include MGMTCLAS, STORCLAS, PROGRAM, and FACILITY resources classes as ACTIVE.

The classes can be activated with the command:
SETR CLASSACT(MGMTCLAS STORCLAS PROGRAM FACILITY)

The classes can be RACLISTED with the command:
SETR RACL(MGMTCLAS STORCLAS)

Check Contents

From an ISPF Command Shell enter:
SETRopts list

If ACTIVE CLASSES lists the MGMTCLAS, STORCLAS, PROGRAM, and FACILITY resources classes, this is not a finding.

Vulnerability Number

V-223817

Documentable

False

Rule Version

RACF-SM-000030

Severity Override Guidance

From an ISPF Command Shell enter:
SETRopts list

If ACTIVE CLASSES lists the MGMTCLAS, STORCLAS, PROGRAM, and FACILITY resources classes, this is not a finding.

Check Content Reference

M

Target Key

4101

Comments