IBM z/OS UNIX BPXPRMxx security parameters in PARMLIB must be properly specified.

An XCCDF Rule

Description

<VulnDiscussion>Configuration settings are the set of parameters that can be changed in hardware, software, or firmware components of the system that affect the security posture and/or functionality of the system. Security-related parameters are those parameters impacting the security state of the system, including the parameters required to satisfy other security control requirements. Security-related parameters include, for example: registry settings; account, file, directory permission settings; and settings for functions, ports, protocols, services, and remote connections.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-223631r991589_rule
Severity: Medium
References: CCI-000366
Updated: 17 days ago

Define the settings in PARMLIB member BPXPRMxx for z/OS UNIX security parameters values to conform to the specifications below:
Parameter Keyword Value

SUPERUSER BPXROOT
TTYGROUP TTY
STEPLIBLIST /etc/steplibUSERIDALIASTABLE will not be specified.
ROOT SETUID will be specified.
MOUNT NOSETUID
              SETUID (for Vendor-provided files)
SECURITY
STARTUP_PROC OMVS

IBM z/OS UNIX BPXPRMxx security parameters in PARMLIB must be properly specified.

Description

Remediation - Manual Procedure