STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS UNIX OMVS parameters in PARMLIB must be properly specified.

DISA Rule

SV-224086r561402_rule

Vulnerability Number

V-224086

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

TSS0-US-000130

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the settings in PARMLIB and /etc for z/OS UNIX security parameters with values that conform to the specifications below:

The parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member.

Note: If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Check Contents

Refer to the IEASYS00 member of SYS1.PARMLIB.
If the parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member, this is not a finding.

If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Vulnerability Number

V-224086

Documentable

False

Rule Version

TSS0-US-000130

Severity Override Guidance

Refer to the IEASYS00 member of SYS1.PARMLIB.
If the parameter is specified as OMVS=xx or OMVS=(xx,xx,…) in the IEASYSxx member, this is not a finding.

If the OMVS statement is not specified, OMVS=DEFAULT is used. In minimum mode there is no access to permanent file systems or to the shell, and IBM’s Communication Server TCP/IP will not run.

Check Content Reference

M

Target Key

4102

Comments