STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:SV-223747r604139_rule
V-223747
SRG-OS-000080-GPOS-00048
RACF-JS-000030
CAT II
10
Configure access for resources defined to the JESINPUT resource class to restrict to the appropriate personnel.
Grant read access to authorized users for each of the following input sources:
INTRDR
nodename
OFFn.*
OFFn.JR
OFFn.SR
Rnnnn.RDm
RDRnn
STCINRDR
TSUINRDR and/or TSOINRDR
The resource definition will be generic if all of the resources of the same type have identical access controls (e.g., if all off load receivers are equivalent).
From the ISPF Command Shell enter:
RL JESINPUT *
If the RACF resources and/or generic equivalent identified below are defined with access restricted to the appropriate personnel, this is not a finding.
INTRDR
nodename
OFFn.*
OFFn.JR
OFFn.SR
Rnnnn.RDm
RDRnn
STCINRDR
TSUINRDR and/or TSOINRDR
Note: Examples of appropriate might be access to the offload input sources is limited to systems personnel (e.g., operations staff) as directed by site operations and the site security plan.
V-223747
False
RACF-JS-000030
From the ISPF Command Shell enter:
RL JESINPUT *
If the RACF resources and/or generic equivalent identified below are defined with access restricted to the appropriate personnel, this is not a finding.
INTRDR
nodename
OFFn.*
OFFn.JR
OFFn.SR
Rnnnn.RDm
RDRnn
STCINRDR
TSUINRDR and/or TSOINRDR
Note: Examples of appropriate might be access to the offload input sources is limited to systems personnel (e.g., operations staff) as directed by site operations and the site security plan.
M
4101