IBM RACF must define UACC of NONE on all profiles.

An XCCDF Rule

Description

The operating system must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.

ID: SV-223777r1050763_rule
Version: RACF-OS-000210
Severity: High
References: CCI-001774
Updated: about 2 months ago

Remediation Templates

Define each dataset and resource profile with UACC(NONE), excluding the exceptions of NODES and DIGTCERT profiles.