zOS WebsphereMQ for RACF Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-OS-000080
<GroupDescription></GroupDescription>Group -
WebSphere MQ Process resource profiles defined in the MQPROC Class are not protected in accordance with security requirements.
<VulnDiscussion>WebSphere MQ Process resources allow for the control of processes. Failure to properly protect WebSphere MQ resources may re...Rule Medium Severity -
SRG-OS-000080
<GroupDescription></GroupDescription>Group -
WebSphere MQ Namelist resource profiles defined in the MQNLIST Class are not protected in accordance with security requirements.
<VulnDiscussion>WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and nameli...Rule Medium Severity -
SRG-OS-000080
<GroupDescription></GroupDescription>Group -
WebSphere MQ Alternate User resources defined to MQADMIN resource class are not protected in accordance with security requirements.
<VulnDiscussion>WebSphere MQ resources allow for the control of administrator functions, connections, commands, queues, processes, and nameli...Rule Medium Severity -
SRG-OS-000080
<GroupDescription></GroupDescription>Group -
WebSphere MQ context resources defined to the MQADMIN resource class are not protected in accordance with security requirements.
<VulnDiscussion>Context security validates whether a userid has authority to pass or set identity and/or origin data for a message. Context s...Rule Medium Severity -
SRG-OS-000080
<GroupDescription></GroupDescription>Group -
WebSphere MQ command resources defined to MQCMDS resource class are not protected in accordance with security requirements.
<VulnDiscussion>WebSphere MQ resources allow for the control of commands. Failure to properly protect WebSphere MQ Command resources may re...Rule Medium Severity -
SRG-OS-000080
<GroupDescription></GroupDescription>Group -
WebSphere MQ RESLEVEL resources in the MQADMIN resource class are not protected in accordance with security requirements.
<VulnDiscussion>RESLEVEL security profiles control the number of userids checked for API-resource security. RESLEVEL is a powerful option tha...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.