The HFSSEC resource class is not defined with DEFPROT.

From z/OS TSS STIG

Part of ZUSST060

Associated with IA controls: DCCS-1, DCCS-2

Associated with: CCI-000213

SV-7383r2_rule The HFSSEC resource class is not defined with DEFPROT.

Vulnerability discussion

The HFSSEC resource class configuration settings in the ACP impact the security level of z/OS UNIX.

Check content

a) Refer to the following report produced by the TSS Data Collection: - TSSCMDS.RPT(STATUS) - TSSCMDS.RPT(#RDT) Automated Analysis Refer to the following report produced by the TSS Data Collection: - PDI(ZUSST060) b) If the Control Option is HFSSEC(OFF), this is NOT APPLICABLE. c) If the DEFPROT attribute is specified for the HFSSEC resource class in the RDT, there is NO FINDING. d) If (c) above is untrue, this is a FINDING.

Fix text

Ensure that the HFSSEC resource class has the attribute DEFPROT. For Example: TSS REPLACE(RDT) RESCLASS(HFSSEC) ATTR(DEFPROT)

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer