IBM Support

OA66816: INCORRECT NON-COMPLIANT FINDINGS FOR RACF-SL-000030 WHEN MULTIPLE CKFREEZE FILES ARE ALLOCATED

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Incorrect non-compliant findings for RACF-SL-000030 when
    multiple CKFREEZE files are allocated.
    

Local fix

  • Allocate a CKFREEZE from a single system only.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Admin/Audit exploiting      *
    *                 multi-level indirect references (lookups)    *
    *                 in SELECT CARLa statements, users of the     *
    *                 zSecure Audit compliance testing framework   *
    *                 exploiting the RACF-SL-000030 compliance     *
    *                 control while processing multi-system data.  *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure Admin/Audit might generate      *
    *                      incorrect results in cases where        *
    *                      multi-level indirect references         *
    *                      (lookups) are used in                   *
    *                      SELECT/EXCLUDE CARLa statements and     *
    *                      data from multiple systems are used     *
    *                      for processing.                         *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    When multi-level indirect reference (lookup) is used in the
    SELECT or EXCLUDE CARLa statements and data from multiple
    systems is being processed, the results generated by zSecure
    Admin/Audit might be incorrect, that is the lookup evaluation
    might report data from the wrong system. This also applies to
    the controls of the zSecure Audit compliance testing framework
    which use multi-level lookups (in particular the RACF-SL-000030
    (Syslogd protected config) compliance control.
    

Problem conclusion

  • zSecure Admin/Audit has been modified, so that the multi-level
    indirect references (lookups) specified in SELECT/EXCLUDE
    CARLa statements result in correct reports in cases where the
    data from multiple systems are being processed.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA66816

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    310

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2024-07-30

  • Closed date

    2024-08-05

  • Last modified date

    2024-09-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UJ95728

Modules/Macros

  • CKABITS  GKRBITS
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R310 PSY UJ95728

       UP24/08/06 P F408

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"310","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
03 September 2024