From z/OS TSS STIG
Part of TSS0750
Associated with IA controls: DCCS-1, DCCS-2, IAIA-2, IAIA-1
The PASSWORD(NOPW) option if specified, would allow any one having access to the interactive or STC ACIDs capability to use it without specifying a password. This would cause user accountability to be lost for those ACIDs and they could conceivably possess more authority than is necessary for them to do their job.
Refer to the following reports produced by the TSS Data Collection: - TSSCMDS.RPT(@ACIDS) - TSSCMDS.RPT(@ALL) Automated Analysis Refer to the following report produced by the TSS Data Collection: - PDI(TSS0750) NOTE: To evaluate the PASSWORD option NOPW, the TSSCMDS and CATJ0002 jobs must be run under the MSCA's ACID. If CATJ0002 is not submitted using the MSCA's ACID, the above PDI member will not be generated. Ensure that PASSWORD(NOPW) is not specified for any interactive or STC users.
The IAO will review all interactive and STC ACID definitions to ensure that all interactive and STC ACIDs specify a password. The following command is an example of how this can be corrected. TSS REPLACE(user_ACID) PASSWORD(Text4Pwd,60) PASSWORD(NOPW) Option will not exist for any interactive and STC ACID definitions.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer