Check: RACF-ES-000560
IBM z/OS RACF STIG:
RACF-ES-000560
(in versions v9 r3 through v7 r1)
Title
IBM RACF must define WARN = NO on all profiles. (Cat I impact)
Discussion
Failure to restrict system access to authenticated users negatively impacts operating system security.
Check Content
Review all Dataset and resource profiles in the RACF database. If any are not defined with WARN = NO, this is a finding.
Fix Text
Define each dataset and resource profile with WARN = NO
Additional Identifiers
Rule ID: SV-223703r991591_rule
Vulnerability ID: V-223703
Group Title: SRG-OS-000480-GPOS-00229
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |