IBM Support

OA52753: ACF2 DATA SET RELATED STIG CONTROLS SSE FOR ZSECURE AUDIT FOR ACF2.

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as new function.

Error description

  • ACF2 data set related STIG controls SSE for zSecure Audit for
    ACF2
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Audit for ACF2 Compliance   *
    *                 Testing Framework.                           *
    ****************************************************************
    * PROBLEM DESCRIPTION: New STIG compliance rules for zSecure   *
    *                      Audit for ACF2 Compliance Testing       *
    *                      Framework.                              *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided and review the        *
    *                 published documentation updates.             *
    ****************************************************************
    The zSecure Audit for ACF2 Compliance Testing Framework is
    extended with the following STIG compliance rules:
     - ACP00010: Restrict WRITE, ALLOC, and READ access to
                 SYS1.PARMLIB.
     - ACP00020: Restrict WRITE and ALLOC access to SYS1.LINKLIB.
     - ACP00030: Restrict WRITE and ALLOC access to SYS1.SVCLIB.
     - ACP00040: Restrict WRITE and ALLOC access to SYS1.IMAGELIB.
     - ACP00050: Restrict WRITE and ALLOC access to SYS1.LPALIB.
     - ACP00060: Restrict WRITE and ALLOC access to APF authorized
                 libraries.
     - ACP00070: Restrict WRITE and ALLOC access to LPA libraries.
     - ACP00080: Restrict WRITE and ALLOC access to SYS1.NUCLEUS
     - ACP00110: Restrict WRITE and ALLOC access to LINKLIST
                 libraries.
     - ACP00120: Restrict WRITE, ALLOC, and READ access to ACP
                 data sets.
     - ACP00130: Restrict WRITE and ALLOC access to the Master
                 Catalog.
     - ACP00135: Restrict ALLOC access to User Catalogs.
     - ACP00150: Restrict WRITE and ALLOC access to JES system data
                 sets.
     - ACP00170: Restrict WRITE, ALLOC, and READ access to
                 SYS1.UADS.
     - ACP00180: Restrict WRITE and ALLOC access to SMF libraries.
     - ACP00230: Restrict WRITE, ALLOC, and READ access to Page data
                 sets.
     - ACP00250: Restrict WRITE and ALLOC access to system STC and
                 TSO procedures.
     - ACF00395: Use specified cryptography to protect passwords and
                 password phrases.
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    OA52753

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    221

  • Status

    CLOSED UR1

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-05-05

  • Closed date

    2017-06-30

  • Last modified date

    2017-08-01

  • APAR is sysrouted FROM one or more of the following:

    OA52751

  • APAR is sysrouted TO one or more of the following:

    UA92494

Modules/Macros

  •    CKADSTD  CKAFDEFA CKAIRULE CKALSTD  CKAOUCMP
    CKAOUSEN CKRACT   CKRACTQ  CKRDBGS  CKRINLT  CKRINMO  CKRINPL
    CKRINPO  CKRINPZ  CKROBJ   CKROUNIT C2R3AY0K C2R3AY0L C2R3AY0M
    C2R3AY0N C2R3EC0B C2R3EC0C C2R3EC0E C2R3EC0T C2R3EC0U C2R3EC06
    C2R3EC08 C2R3ES06 C2R3ES08 GKRACT   GKRACTQ  GKRDBGS  GKRFDEFA
    GKRINLT  GKRINMO  GKRINPL  GKRINPO  GKRINPZ  GKROBJ   GKROUCMP
    GKROUNIT GKROUSEN
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R221 PSY UA92494

       UP17/07/04 P F707

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"}, "Product":{"code":"SSCE68R","label":"zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"221","Edition":""}]

Document Information

Modified date:
01 August 2017