From z/OS ACF2 STIG
Part of ZCICA011
Associated with IA controls: DCCS-1, ECCD-2, DCCS-2, ECCD-1
CICS is a transaction-processing product that provides programmers with the facilities to develop interactive applications. Unauthorized access to ACF2/CICS parameter data sets (i.e., product, security) could result in the compromise of the confidentiality, integrity, and availability of the CICS region, applications, and customer data.
a) Refer to the following report produced by the ACF2 Data Collection: - SENSITVE.RPT(CICSRPT) Refer to the CICS Systems Programmer Worksheets filled out from previous vulnerability ZCIC0010. b) UPDATE and/or ALLOCATE access to the ACF2/CICS parameter data set, specified on the ACF2PARM DD statement, is restricted to systems programming personnel and security personnel. c) If all items in (b) are true, there is NO FINDING. d) If any item in (b) is untrue, this is a FINDING.
The IAO will ensure that update and allocate access to the ACF2/CICS parameter data set is limited to system programmers and security personnel. Review the access authorizations for CICS system data sets. UPDATE and/or ALLOCATE access to the ACF2/CICS parameter data set, specified on the ACF2PARM DD statement, is restricted to systems programming personnel and security personnel. Example: $KEY(S3C) $PREFIX(SYS3) CICSTS.SYSIN UID(syspaudt) R(A) W(L) A(L) E(A) CICSTS.SYSIN UID(secaaudt) R(A) W(L) A(L) E(A) CICSTS.SYSIN UID(*) PREVENT SET RULE COMPILE 'ACF2.MVA.DSNRULES(S3C)' STORE
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer