STIGQter STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM z/OS UNIX OMVS parameters in PARMLIB must be properly specified.

DISA Rule

SV-223851r604139_rule

Vulnerability Number

V-223851

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RACF-US-000140

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the settings in PARMLIB and /etc for z/OS UNIX security parameters with values that conform to the specifications below:

The parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member.

Note: If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Check Contents

Refer to the IEASYS00 member of SYS1.PARMLIB.

If the parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member, this is not a finding.

If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Vulnerability Number

V-223851

Documentable

False

Rule Version

RACF-US-000140

Severity Override Guidance

Refer to the IEASYS00 member of SYS1.PARMLIB.

If the parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member, this is not a finding.

If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Check Content Reference

M

Target Key

4101

Comments