STIGQter STIGQter: STIG Summary: z/OS CL/SuperSession for TSS STIG Version: 6 Release: 10 Benchmark Date: 27 Apr 2018:

CL/SuperSession is not properly defined to the Facility Matrix Table for Top Secret.

DISA Rule

SV-27240r1_rule

Vulnerability Number

V-17469

Group Title

ZB000036

Rule Version

ZCLST036

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Define the CT/Engine started task name KLS as a Facility to TOP SECRET in the Facility Matrix Table using the following example:

*KLS CL/SUPERSESSION
FACILITY(USERxx=NAME=KLS)
FACILITY(KLS=MODE=FAIL,ACTIVE,SHRPRF)
FACILITY(KLS=PGM=KLV,NOASUBM,NOABEND,NOXDEF)
FACILITY(KLS=ID=xx,MULTIUSER,RES,LUMSG,STMSG,WARNPW,SIGN(M))
FACILITY(KLS=NOINSTDATA,NORNDPW,AUTHINIT,NOPROMPT,NOAUDIT)
FACILITY(KLS=NOTSOC,LOG(INIT,SMF,MSG,SEC9))

Check Contents

a) Refer to the following report produced by the TSS Data Collection:

- TSSCMDS.RPT(FACLIST) - Preferred report containing all control option values in effect including default values
- TSSCMDS.RPT(TSSPRMFL) - Alternate report containing only control option values explicitly coded at TSS startup

b) If KLS is properly defined in the Facility Matrix table, there is NO FINDING:

c) If KLS is improperly defined in the Facility Matrix table, this is a FINDING.

Vulnerability Number

V-17469

Documentable

False

Rule Version

ZCLST036

Severity Override Guidance

a) Refer to the following report produced by the TSS Data Collection:

- TSSCMDS.RPT(FACLIST) - Preferred report containing all control option values in effect including default values
- TSSCMDS.RPT(TSSPRMFL) - Alternate report containing only control option values explicitly coded at TSS startup

b) If KLS is properly defined in the Facility Matrix table, there is NO FINDING:

c) If KLS is improperly defined in the Facility Matrix table, this is a FINDING.

Check Content Reference

M

Responsibility

Systems Programmer

Target Key

1857

Comments