The ROSCOE's Resource Class is not defined or active in the ACP.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-224340 | ZROSA038 | SV-224340r987853_rule | CCI-000336 | medium |
| Description | ||||
| Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data. | ||||
| STIG | Date | |||
| z/OS ROSCOE for ACF2 Security Technical Implementation Guide | 2025-02-25 | |||
Details
Check Text (C-224340r987853_chk)
Ensure that the following GSO CLASMAP record entries are defined:
CLASMAPqual RESOURCE(ROSRES) RSRCTYPE(rosid) ENTITYLN(nn)
If all of the items in (b) are true, this is not a finding.
If any item in (b) is untrue, this is a finding.
Note: The site determines the appropriate three letter RSRCTYPE that is unique for each Roscoe system. The ENTITYLN should be appropriate for the site's installation.
Fix Text (F-26005r868226_fix)
Use SAF security to define and protect the Products resource class(es).
Ensure that the following GSO CLASMAP record entry(ies) is (are) defined:
CLASMAP.ROSCOE ENTITYLN(nn) RESOURCE(ROSRES)
RSRCTYPE(rosid)
Note: The site determines the appropriate three letter RSRCTYPE that is unique for each Roscoe system. The ENTITYLN should be appropriate for the site's installation.
Example:
SET C(GSO)
LIST CLASMAP.ROSCOE
INSERT CLASMAP.ROSCOE ENTITYLN(39) RESOURCE(ROSRES) RSRCTYPE(ROS)
F ACF2,REFRESH(CLASMAP)