|Finding ID||Version||Rule ID||IA Controls||Severity|
|Access to product resources should be restricted to only those individuals responsible for the application connectivity and who have a requirement to access these resources. Improper control of product resources could potentially compromise the operating system, ACP, and customer data.|
|z/OS CSSMTP for RACF STIG||2017-06-26|
|Check Text ( C-3303r1_chk )|
| Refer to the following report produced by the RACF Data Collection: |
Refer to the following report produced by the RACF Data Collection:
Verify that the IBM CSSMTP started task(s) is (are) defined to the STARTED resource class profile and/or ICHRIN03 table entry.
|Fix Text (F-328r1_fix)|
| The IBM CSSMTP system programmer and the IAO will ensure that a product's started task(s) is (are) properly identified and/or defined to the System ACP. |
A unique userid must be assigned for the IBM CSSMTP started task(s) thru a corresponding STARTED class entry.
The following sample set of commands is shown here as a guideline:
rdef started CSSMTP.** uacc(none) owner(admin) audit(all(read)) stdata(user(CSSMTP) group(stc))
setr racl(started) ref