Check: ACP00230
zOS RACF STIG:
ACP00230
(in versions v6 r43 through v6 r30)
Title
Access to System page data sets (i.e., PLPA, COMMON, and LOCALx) are not limited to system programmers. (Cat II impact)
Discussion
Page data sets hold individual pages of virtual storage when they are paged out of real storage. Unauthorized access could result in the compromise of the operating system environment, ACP, and customer data.
Check Content
a) Refer to the following report produced by the Data Set and Resource Data Collection:
- SENSITVE.RPT(PGXXRPT)

Automated Analysis
Refer to the following report produced by the Data Set and Resource Data Collection:
- PDI(ACP00230)

___ The ACP data set rules for system page data sets (PLPA, COMMON, and LOCAL) allow inappropriate access.
___ The ACP data set rules for system page data sets (PLPA, COMMON, and LOCAL) do not restrict access to only systems programming personnel.

b) If both of the above are untrue, there is NO FINDING.
c) If either of the above is true, this is a FINDING.
Fix Text
Verify that the ACP data set rules for system page data sets (PLPA, COMMON, and LOCAL) restrict access to only systems programming personnel.
Additional Identifiers
Rule ID: SV-128r2_rule
Vulnerability ID: V-128
Group Title: ACP00230
CCIs
Number | Definition |
---|---|
CCI-000213 | The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
Controls
Number | Title |
---|---|
AC-3 | Access Enforcement |