Check: RACF-ES-000560
IBM z/OS RACF STIG:
RACF-ES-000560
(in versions v8 r14 through v7 r1)
Title
IBM RACF must define WARN = NO on all profiles. (Cat I impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
Review all Dataset and resource profiles in the RACF database. If any are not defined with WARN = NO, this is a finding.
Fix Text
Define each dataset and resource profile with WARN = NO
Additional Identifiers
Rule ID: SV-223703r877377_rule
Vulnerability ID: V-223703
Group Title: SRG-OS-000480-GPOS-00229
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |