OS UNIX OMVS parameters in PARMLIB are not properly specified.

DISA Rule

SV-7245r2_rule

Vulnerability Number

V-6944

Group Title

ZUSS0011

Rule Version

ZUSS0011

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Review the settings in PARMLIB and /etc for z/OS UNIX security parameters and ensure that the values conform to the specifications below:

The parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member.

NOTE: If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Check Contents

a) Refer to the following report produced by the z /OS Data Collection:

- EXAM.RPT(PARMLIB) - Refer to the IEASYSxx listing(s).

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:

- PDI (ZUSS0011)

NOTE: If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

b) If the parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member, there is NO FINDING.

c) If the parameter is not specified as OMVS=xx or OMVS=(xx,xx,…), this is a FINDING.

STIGQter: STIG Summary: z/OS RACF STIG Version: 6 Release: 43 Benchmark Date: 24 Jan 2020: z/OS UNIX OMVS parameters in PARMLIB are not properly specified.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments