Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6989 | ZUSS0045 | SV-87475r1_rule | | Medium |
Description |
---|
User identifiers (ACF2 logonids, RACF userids, and Top Secret ACIDs), groups, and started tasks that use z/OS UNIX facilities are defined to an ACP with attributes including UID and GID. If these attributes are not correctly defined, data access or command privilege controls could be compromised. |
STIG | Date |
---|---|
z/OS RACF STIG | 2017-03-22 |
Check Text ( C-72955r2_chk ) |
---|
RMFGAT is the userid for the Resource Measurement Facility (RMF) Monitor III Gatherer. If RMFGAT is not defined, this is not applicable. From a command input screen enter: LISTUSER (RMFGAT) OMVS Alternately: Refer to the following reports produced by the ACP Data Collection: - RACFCMDS.RPT(LISTUSER) If RMFGAT is defined as follows, this is not a finding: - Default group specified as OMVSGRP or STCOMVS - A unique, non-zero UID - HOME directory specified as “/” - Shell program specified as “/bin/sh” |
Fix Text (F-79261r2_fix) |
---|
Define the RMFGAT user account as specified below: - Default group specified as OMVSGRP or STCOMVS - A unique, non-zero UID - HOME directory specified as “/” - Shell program specified as “/bin/sh” |
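
The Check Text criteria can be evaluated mechanically against saved LISTUSER output. The Python below is an added example, not part of the STIG or the ACP Data Collection tooling; the function names are hypothetical and the report text is constructed. It assumes the usual LISTUSER layout (`USER=`, `DEFAULT-GROUP=`, and `UID=`/`HOME=`/`PROGRAM=` lines) and can judge UID uniqueness only across the userids present in the text it is given.

```python
import re
# Constructed sample in the LISTUSER layout (base segment plus OMVS segment).
SAMPLE_REPORT = """\
USER=RMFGAT  NAME=RMF GATHERER  OWNER=SYS1  CREATED=16.001
 DEFAULT-GROUP=OMVSGRP  PASSDATE=N/A  PASS-INTERVAL=N/A
OMVS INFORMATION
UID= 0000000123
HOME= /
PROGRAM= /bin/sh
USER=WEBSRV  NAME=WEB SERVER  OWNER=SYS1  CREATED=16.002
 DEFAULT-GROUP=STCOMVS  PASSDATE=N/A  PASS-INTERVAL=N/A
OMVS INFORMATION
UID= 0000000124
HOME= /u/websrv
PROGRAM= /bin/sh
"""
ALLOWED_GROUPS = {"OMVSGRP", "STCOMVS"}
FIELD = re.compile(r"^[ \t]*(USER|DEFAULT-GROUP|UID|HOME|PROGRAM)=[ \t]*(\S+)", re.M)

def parse_listuser(report):
    """Return {userid: {field: value}} for every USER= entry in the report."""
    users, current = {}, None
    for key, value in FIELD.findall(report):
        if key == "USER":
            current = users.setdefault(value, {})
        elif current is not None:
            current[key] = value
    return users

def check_rmfgat(report, userid="RMFGAT"):
    """None = not applicable (userid undefined); else a list of findings."""
    users = parse_listuser(report)
    u = users.get(userid)
    if u is None:
        return None
    findings = []
    if u.get("DEFAULT-GROUP") not in ALLOWED_GROUPS:
        findings.append("default group is not OMVSGRP or STCOMVS")
    uid = u.get("UID", "")
    others = {int(o["UID"]) for n, o in users.items()
              if n != userid and o.get("UID", "").isdigit()}
    if not uid.isdigit() or int(uid) == 0:   # covers "NONE" or no OMVS segment
        findings.append("UID is missing or zero")
    elif int(uid) in others:
        findings.append("UID is not unique in this report")
    for key, want in (("HOME", "/"), ("PROGRAM", "/bin/sh")):
        if u.get(key) != want:
            findings.append(f"{key} is not {want}")
    return findings
```

An empty list means the account meets all four criteria; feed it a report covering every userid with an OMVS segment so the uniqueness test is meaningful.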