STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS attributes of z/OS UNIX user accounts must have a unique GID in the range of 1-99.

DISA Rule

SV-224092r561402_rule

Vulnerability Number

V-224092

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

TSS0-US-000190

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Define the OMVSGRP group and / or the STCOMVS group to the security database with a unique GID in the range of 1-99.

OMVSGRP is the name suggested by IBM for all the required userids. STCOMVS is the standard name used at some sites for the userids that are associated with z/OS UNIX started tasks and daemons. These groups can be combined at the site’s discretion.

Check Contents

A site can choose to have both an OMVSGRP group and an STCOMVS group or combine the groups under one of these names.

If OMVSGRP and/or STCOMVS groups are defined and have a unique GID in the range of 1-99 this is not a finding.

Vulnerability Number

V-224092

Documentable

False

Rule Version

TSS0-US-000190

Severity Override Guidance

A site can choose to have both an OMVSGRP group and an STCOMVS group or combine the groups under one of these names.

If OMVSGRP and/or STCOMVS groups are defined and have a unique GID in the range of 1-99 this is not a finding.

Check Content Reference

M

Target Key

4102

Comments