STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

IBM z/OS Default profiles must not be defined in TSS OMVS UNIX security parameters for classified systems.

DISA Rule

SV-224090r561402_rule

Vulnerability Number

V-224090

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

TSS0-US-000170

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Ensure that Use of the OMVS default UIDs will not be allowed on any classified system.

Set Control Option UNIQUSER off.

Check Contents

If the system in not classified this is not applicable.

From a command line issue the following command:
TSS MODIFY STATUS
Note: One must have appropriate access to perform this command (have the site security officer to issue command).

If system is classified and UNIQUSER is off i.e., (UNIQUSER(OFF) this is not a finding.

Vulnerability Number

V-224090

Documentable

False

Rule Version

TSS0-US-000170

Severity Override Guidance

If the system in not classified this is not applicable.

From a command line issue the following command:
TSS MODIFY STATUS
Note: One must have appropriate access to perform this command (have the site security officer to issue command).

If system is classified and UNIQUSER is off i.e., (UNIQUSER(OFF) this is not a finding.

Check Content Reference

M

Target Key

4102

Comments