IBM RACF must limit WRITE or greater access to LINKLIST libraries to system programmers only.

An XCCDF Rule

Description

<VulnDiscussion>The primary function of the LINKLIST is to serve as a single repository for commonly used system modules. Failure to ensure that the proper set of libraries is designated for LINKLIST can impact system integrity, performance, and functionality. For this reason, controls must be employed to ensure that the correct set of LINKLIST libraries is used. Unauthorized access could result in the compromise of the operating system environment, ACP, and customer data. Satisfies: SRG-OS-000080-GPOS-00048, SRG-OS-000259-GPOS-00100, SRG-OS-000324-GPOS-00125</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-235033r958472_rule
Severity: Medium
References: CCI-000213 CCI-001499 CCI-002235
Updated: 17 days ago

Review access authorization to critical system files. Evaluate the impact of correcting the deficiency. Develop a plan of action and implement the changes as required to protect the LINKLIST libraries.

Configure the WRITE or greater access to LINKLIST libraries to be limited to system programmers only and all WRITER or greater access is logged.

IBM RACF must limit WRITE or greater access to LINKLIST libraries to system programmers only.

Description

Remediation - Manual Procedure