Product configuration/parameter values are not specified properly.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-224534 | ZROSR040 | SV-224534r1144980_rule | CCI-000015 | medium |
| Description | ||||
| Product configuration/parameters control the security and operational characteristics of products. If these parameter values are improperly specified, security and operational controls may be weakened. This exposure may threaten the availability of the product applications, and compromise the confidentiality of customer data. | ||||
| STIG | Date | |||
| z/OS ROSCOE for RACF Security Technical Implementation Guide | 2025-09-27 | |||
Details
Check Text (C-224534r1144980_chk)
Have the products system programmer display the configuration/parameters control statements used in the current running product to define or enable security. This information is located in the SYSIN DD statement in the JCL of the STC/Batch job.
Automated Analysis
Refer to the following report produced by the z/OS Data Collection:
- PDI(ZROS0040).
If the following keywords specify the values in the ROSCOE configuration/parameter control member, this is not a finding.
Keyword Value
EXTSEC RACF
ACFEXT YES
CLLEXT YES
JOBEXT YES
LIBEXT YES
MONEXT YES
PRVEXT YES
RPFEXT YES
UPSEXT YES
Fix Text (F-26205r1070086_fix)
The product systems programmer will verify that any configuration/parameters required to control the security of the product are properly configured and syntactically correct.
See the required parameters below: Example
Keyword Value
EXTSEC RACF
ACFEXT YES
CLLEXT YES
JOBEXT YES
LIBEXT YES
MONEXT YES
PRVEXT YES
RPFEXT YES
UPSEXT YES