Check: ACF0850
zOS ACF2 STIG:
ACF0850
(in versions v6 r43 through v6 r30)
Title
The number of users granted the special privilege OPERATOR must be kept to a strictly controlled minimum. (Cat II impact)
Discussion
Users with this privilege can do anything from canceling jobs to disabling the entire system. This could result in the compromise of the confidentiality, integrity, and availability of the operating system, ACP, or customer data.
Check Content
Refer to the following report produced by the ACF2 Data Collection: - ACF2CMDS.RPT(ATTOPER) Automated Analysis Refer to the following report produced by the ACF2 Data Collection Checklist: - PDI(ACF0850) If the number of users granted the special privilege "OPERATOR" is strictly controlled and limited to systems programmer and operations personnel, this is NOT a finding. Security managers may be granted this access at the discretion of the ISSM. If the number of users granted the special privilege "OPERATOR" is not strictly controlled and limited to systems programmer, security manager or operations personnel, this is a finding.
Fix Text
Ensure that access to the special privilege "OPERATOR" is kept to a minimum and limited to systems programmer, security manager and operations personnel. Review all LOGONIDs with the "OPERATOR" attribute.
Additional Identifiers
Rule ID: SV-181r3_rule
Vulnerability ID: V-181
Group Title: ACF0850
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000213 |
The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
Controls
| Number | Title |
|---|---|
| AC-3 |
Access Enforcement |