From z/OS ACF2 STIG
Part of ACF0850
Associated with: CCI-000213
Users with this privilege can do anything from canceling jobs to disabling the entire system. This could result in the compromise of the confidentiality, integrity, and availability of the operating system, ACP, or customer data.
Refer to the following report produced by the ACF2 Data Collection: - ACF2CMDS.RPT(ATTOPER) Automated Analysis Refer to the following report produced by the ACF2 Data Collection Checklist: - PDI(ACF0850) If the number of users granted the special privilege "OPERATOR" is strictly controlled and limited to systems programmer and operations personnel, this is NOT a finding. Security managers may be granted this access at the discretion of the ISSM. If the number of users granted the special privilege "OPERATOR" is not strictly controlled and limited to systems programmer, security manager or operations personnel, this is a finding.
Ensure that access to the special privilege "OPERATOR" is kept to a minimum and limited to systems programmer, security manager and operations personnel. Review all LOGONIDs with the "OPERATOR" attribute.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer