z/OS CL/SuperSession for RACF STIG Version Comparison
z/OS CL/SuperSession for RACF Security Technical Implementation Guide
Comparison
There are 4 differences between versions v6 r13 (April 24, 2024) (the "left" version) and v7 r1 (Jan. 30, 2025) (the "right" version).
Check ZCLS0040 was changed between these two versions. Green, underlined text was added, red, struck-out text was removed.
The regular view of the left check and right check may be easier to read.
Text Differences
Title
CL/SuperSession profile options are set improperly.
Check Content
a) The following steps are necessary for reviewing the CL/SuperSession options:

1) Request [on-line → online] access from the site administrator to view CL/SuperSession parameter settings.
2) Once access to the CL/SuperSession Main Menu has been obtained, select the option for the ADMINISTRATOR menu.
3) From the ADMINISTRATOR menu, select the option for the PROFILE SELECTION menu.
4) From the PROFILE SELECTION menu, select the View GLOBAL Profile option.
5) After selection of the View GLOBAL Profile option, the Update GLOBAL Profile menu appears. From this menu select the profile to be reviewed:
- To view the Common profile select: _Common
- To view the SUPERSESSION profile select: _SupSess

Automated Analysis
Refer to the following report produced by the z/OS Data Collection:
- PDI(ZCLS0040)

b) Compare the security parameters as specified in the Required CL/SuperSession Common Profile Options and Required [CL/Superssion → CL/SuperSession] Profile Options Tables in the z/OS STIG Addendum against the CL/SuperSession Profile options.

c) If all options as specified in the Required CL/SuperSession Common Profile Options and Required [CL/Superssion → CL/SuperSession] Profile Options Tables in the z/OS STIG Addendum are in effect, there is [NO FINDING → no finding].

d) If any of the options as specified in the Required CL/SuperSession Common Profile Options and Required [CL/Superssion → CL/SuperSession] Profile Options Tables in the z/OS STIG Addendum is not in effect, this is a [FINDING → finding].
Discussion
Product configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data.
Fix
The [Systems → systems] [Programmer → programmer] and [IAO → ISSO] will review all session manager security parameters and control options for compliance with the requirements of the z/OS STIG Addendum Required CL/SuperSession Common Profile Options and Required CL/SuperSession Profile Options Tables. Verify that the options are set properly.