STIGQter: STIG Summary: IBM z/OS TSS Security Technical Implementation Guide Version: 8 Release: 2 Benchmark Date: 23 Apr 2021:

The IBM z/OS user account for the UNIX (RMFGAT) must be properly defined.

DISA Rule

SV-224095r561402_rule

Vulnerability Number

V-224095

Group Title

SRG-OS-000104-GPOS-00051

Rule Version

TSS0-US-000220

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Define RMFGAT user account is defined as specified below:

-Default group specified as OMVSGRP or STCOMVS
-A unique, non-zero UID
-HOME directory specified as "/"
-Shell program specified as "/bin/sh"

Check Contents

RMFGAT is the userid for the Resource Measurement Facility (RMF) Monitor III Gatherer. If RMFGAT is not define this is not applicable.

From a command input screen enter:

TSS LIST (RMFGAT) DATA ALL

If RMFGAT is defined as follows, this is not a finding:

-Default group specified as OMVSGRP or STCOMVS
-A unique, non-zero UID
-HOME directory specified as "/"
-Shell program specified as "/bin/sh"

Vulnerability Number

V-224095

Documentable

False

Rule Version

TSS0-US-000220

Severity Override Guidance

RMFGAT is the userid for the Resource Measurement Facility (RMF) Monitor III Gatherer. If RMFGAT is not define this is not applicable.

From a command input screen enter:

TSS LIST (RMFGAT) DATA ALL

If RMFGAT is defined as follows, this is not a finding:

-Default group specified as OMVSGRP or STCOMVS
-A unique, non-zero UID
-HOME directory specified as "/"
-Shell program specified as "/bin/sh"

Check Content Reference

M

Target Key

4102

Comments