IBM System Display and Search Facility (SDSF) HASPINDX data set identified in the INDEX parameter must be properly protected.
An XCCDF Rule
Description
<VulnDiscussion>IBM System Display and Search Facility (SDSF) HASPINDX data set control the execution, configuration, and security of the SDSF products. Failure to properly protect access to these data sets could result in unauthorized access. This exposure may threaten the availability of SDSF, and compromise the confidentiality of customer data.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-224318r520348_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Ensure that the HASPINDX dataset identified in the INDEX parameter value of ISFPARMS options statement is restricted as described below.
The HASPINDX data set is used by SDSF when building the SYSLOG panel. This data set contains information related to all SYSLOG jobs and data sets on the spool. Since SDSF dynamically allocates this data set, explicit user access authorization to this data set should not be required. Due to the potentially sensitive data in this data set, access authorization will be restricted.
READ access is restricted to the auditors.