STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:SV-224079r561402_rule
V-224079
SRG-OS-000080-GPOS-00048
TSS0-US-000060
CAT II
10
Review the access authorizations defined in the ACP for the MVS data sets that contain operating system components and for the MVS data sets that contain HFS file systems and ensure that they conform to the specifications below.
Review the UNIX permission bits on the HFS directories and files and ensure that they conform to the specifications below:
Define ESM data set rules for the data sets referenced in the ROOT and the MOUNT statements in BPXPRMxx to restrict update access to the z/OS UNIX kernel (i.e., OMVS or OMVSKERN).
Define ESM data set rules for the data sets referenced in the ROOT and the MOUNT statements in BPXPRMxx to restrict WRITE or greater access to systems programming personnel.
Refer to the proper BPXPRMxx member in SYS1.PARMLIB
If the ESM data set rules for the data sets referenced in the ROOT and the MOUNT statements in BPXPRMxx restrict update access to the z/OS UNIX kernel (i.e., OMVS or OMVSKERN), this is not a finding.
If the ESM data set rules for the data set referenced in the ROOT and the MOUNT statements in BPXPRMxx restrict WRITE or greater access to systems programming personnel, this is not a finding.
V-224079
False
TSS0-US-000060
Refer to the proper BPXPRMxx member in SYS1.PARMLIB
If the ESM data set rules for the data sets referenced in the ROOT and the MOUNT statements in BPXPRMxx restrict update access to the z/OS UNIX kernel (i.e., OMVS or OMVSKERN), this is not a finding.
If the ESM data set rules for the data set referenced in the ROOT and the MOUNT statements in BPXPRMxx restrict WRITE or greater access to systems programming personnel, this is not a finding.
M
4102