STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The IBM z/OS user account for the UNIX kernel (OMVS) must be properly defined to the security database.

DISA Rule

SV-224093r561402_rule

Vulnerability Number

V-224093

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

TSS0-US-000200

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Define OMVS userid to the ESM as specified below:

-No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
-Default group specified as OMVSGRP or STCOMVS
-UID(0)
-HOME directory specified as "/"
-Shell program specified as "/bin/sh"

Check Contents

If OMVS userid is defined to the ESM as follows, this is not a finding.

-No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
-Default group specified as OMVSGRP or STCOMVS
-UID(0)
-HOME directory specified as "/"
-Shell program specified as "/bin/sh"

Vulnerability Number

V-224093

Documentable

False

Rule Version

TSS0-US-000200

Severity Override Guidance

If OMVS userid is defined to the ESM as follows, this is not a finding.

-No access to interactive on-line facilities (e.g., TSO, CICS, etc.)
-Default group specified as OMVSGRP or STCOMVS
-UID(0)
-HOME directory specified as "/"
-Shell program specified as "/bin/sh"

Check Content Reference

M

Target Key

4102

Comments