The ROSCOE's Resource Class is not defined or active in the ACP.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-224340 | ZROSA038 | SV-224340r987853_rule | CCI-000336 | medium |
| Description | ||||
| Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data. | ||||
| STIG | Date | |||
| z/OS ROSCOE for ACF2 Security Technical Implementation Guide | 2025-02-25 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
CM-4(2)
1.00
- DISA · 7 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-000336
1.00
- DISA · 7 · disa_xccdf · related
Details
Check Text (C-224340r987853_chk)
Ensure that the following GSO CLASMAP record entries are defined:
CLASMAPqual RESOURCE(ROSRES) RSRCTYPE(rosid) ENTITYLN(nn)
If all of the items in (b) are true, this is not a finding.
If any item in (b) is untrue, this is a finding.
Note: The site determines the appropriate three letter RSRCTYPE that is unique for each Roscoe system. The ENTITYLN should be appropriate for the site's installation.
Fix Text (F-26005r868226_fix)
Use SAF security to define and protect the Products resource class(es).
Ensure that the following GSO CLASMAP record entry(ies) is (are) defined:
CLASMAP.ROSCOE ENTITYLN(nn) RESOURCE(ROSRES)
RSRCTYPE(rosid)
Note: The site determines the appropriate three letter RSRCTYPE that is unique for each Roscoe system. The ENTITYLN should be appropriate for the site's installation.
Example:
SET C(GSO)
LIST CLASMAP.ROSCOE
INSERT CLASMAP.ROSCOE ENTITYLN(39) RESOURCE(ROSRES) RSRCTYPE(ROS)
F ACF2,REFRESH(CLASMAP)