STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:SV-223902r561402_rule
V-223902
SRG-OS-000080-GPOS-00048
TSS0-ES-000290
CAT II
10
Review access authorization to critical system files. Evaluate the impact of correcting the deficiency. Develop a plan of action and implement the changes as required to protect the LINKLIST libraries.
Configure the WRITE or greater access to LINKLIST libraries to be limited to system programmers only and all WRITE or greater access is logged.
From any ISPF input line, enter TSO ISRDDN LINKLIST.
If all of the following are untrue, this is not a finding.
If any of the following is true, this is a finding.
The ACP data set rules for LINKLIST libraries do not restrict WRITE or greater access to only z/OS systems programming personnel.
The ACP data set rules for LINKLIST libraries do not specify that all (i.e., failures and successes) WRITE or greater access will be logged.
V-223902
False
TSS0-ES-000290
From any ISPF input line, enter TSO ISRDDN LINKLIST.
If all of the following are untrue, this is not a finding.
If any of the following is true, this is a finding.
The ACP data set rules for LINKLIST libraries do not restrict WRITE or greater access to only z/OS systems programming personnel.
The ACP data set rules for LINKLIST libraries do not specify that all (i.e., failures and successes) WRITE or greater access will be logged.
M
4102