IBM z/OS RACF Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
IBM RACF must limit write or greater access to all LPA libraries to system programmers only.
<VulnDiscussion>To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DoD-ap...Rule High Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
IBM RACF must limit Write or greater access to libraries containing EXIT modules to system programmers only.
<VulnDiscussion>To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DoD-ap...Rule High Severity -
SRG-OS-000080-GPOS-00048
<GroupDescription></GroupDescription>Group -
The IBM z/OS JES(XBMALLRACF) SETROPTS value must be set to JES(XBMALLRACF).
<VulnDiscussion>In certain situations, software applications/programs need to execute with elevated privileges to perform required functions....Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules