Skip to content

CA IDMS must protect the system code and storage from corruption by user programs.

An XCCDF Rule

Description

<VulnDiscussion>Database management systems can maintain separate execution domains for each executing process by assigning each process a separate address space. Each process has a distinct address space so that communication between processes is controlled through the security functions, and one process cannot modify the executing code of another process. Maintaining separate execution domains for executing processes can be achieved, for example, by implementing separate address spaces.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-251642r961608_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Use the following system generation parameters to enable the use of high performance storage protection:
 
Set STORAGE KEY parameter of the SYSTEM statement to "9".

Set PROTECT/NOPROTECT parameter of the SYSTEM statement to "PROTECT".