← Back to z/OS ROSCOE for TSS Security Technical Implementation Guide

V-225603

CAT II (Medium)

ROSCOE is not properly defined to the Facility Matrix Table for Top Secret.

Rule ID

SV-225603r1146141_rule

STIG

z/OS ROSCOE for TSS Security Technical Implementation Guide

Version

V7R2

CCIs

CCI-000764

Discussion

Improperly defined security controls for the Product could result in the compromise of the network, operating system, and customer data. *****This vulnerability only applies to Top Secret started tasks. *****

Check Content

Refer to the following reports produced by the TSS Data Collection:

- TSSCMDS.RPT(FACLIST) - Preferred report containing all control option values in effect including default values.
- TSSCMDS.RPT(TSSPRMFL) - Alternate report containing only control option values explicitly coded at TSS startup.

Note:	The FACLIST report must be created by DECC security personnel. The TSSPRMFL report can be used if DECC security personnel have not executed the required steps documented in the TSS Data Collection.

Review the FACLIST report. If the Product Facility is properly defined as specified by the product systems programmer, this is not a finding.

Fix Text

The Facility ROSCOE comes predefined with CA-TSS. Please ensure you add the following to your TSS parmlib for the FAC(ROSCOE):

****
****   ROSCOE                                                          *
****
FACILITY(ROSCOE=NOLUMSG,NORNDPW)