STIGQter STIGQter: STIG Summary: IBM z/OS RACF Security Technical Implementation Guide Version: 8 Release: 3 Benchmark Date: 23 Apr 2021:

IBM RACF LOGONIDs must not be defined to SYS1.UADS for non-emergency use.

DISA Rule

SV-223837r604139_rule

Vulnerability Number

V-223837

Group Title

SRG-OS-000324-GPOS-00125

Rule Version

RACF-TS-000020

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Configure the SYS1.UADS entries to ensure LOGONIDs defined include only those users required to support specific functions related to system recovery. Evaluate the impact of accomplishing the change.

Check Contents

Ask the system administrator to provide a list of all emergency userids available to the site along with the associated function of each.

If SYS1.UADS userids are limited and reserved for emergency purposes only, this is not a finding.

Vulnerability Number

V-223837

Documentable

False

Rule Version

RACF-TS-000020

Severity Override Guidance

Ask the system administrator to provide a list of all emergency userids available to the site along with the associated function of each.

If SYS1.UADS userids are limited and reserved for emergency purposes only, this is not a finding.

Check Content Reference

M

Target Key

4101

Comments