Check: TSS0-FT-000130
IBM z/OS TSS STIG:
TSS0-FT-000130
(in versions v9 r2 through v8 r9)
Title
IBM z/OS FTP.DATA configuration statements for the FTP Server must be specified in accordance with requirements. (Cat II impact)
Discussion
This requirement is intended to cover both traditional interactive logons to information systems and general accesses to information systems that occur in other types of architectural configurations (e.g., service-oriented architectures).
Check Content
Refer to the Data configuration file specified on the SYSFTPD DD statement in the FTP started task JCL. If the UMASK statement is coded with a value of "077", this is not a finding.
Fix Text
Configure the FTP configuration to include the UMASK statement with a value of "077". If the FTP Server requires a UMASK value less restrictive than "077", requirements should be justified and documented with the ISSO.
Additional Identifiers
Rule ID: SV-255896r991589_rule
Vulnerability ID: V-255896
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |