ACIDs defined as security administrators do not have the attribute of NOATS.

From z/OS TSS STIG

Part of TSS0900

Associated with IA controls: DCCS-1, DCCS-2

SV-238r1_rule ACIDs defined as security administrators do not have the attribute of NOATS.

Vulnerability discussion

NOATS prevents the TSS administrator ACID from signing on through automatic terminal signon. If an ACID has ATS enabled, a terminal could be automatically assigned that ACID without a user being present. This applies to CICS, IMS, and IDMS.

Check content

Refer to the following reports produced by the TSS Data Collection: - TSSCMDS.RPT(@ALL) - TSSPRIV.RPT Automated Analysis Refer to the following report produced by the TSS Data Collection: - PDI(TSS0900) Review all security administrators to ensure that each one has the NOATS attribute.

Fix text

Review all security administrator ACIDs. Ensure the NOATS attribute has been assigned. Evaluate the impact of correcting the deficiency. Develop a plan of action and implement the changes. NOTE: The NOATS attribute may be added to an ACID or an ACID's PROFILE. The following command may be issued to determine if the NOATS attribute is defined to an ACID or an ACID's PROFILE: tss list() data(basic,profile)

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer