All installation-delivered IDMS DCADMIN-level tasks must be properly secured.
An XCCDF Rule
Description
<VulnDiscussion>If DC Administrator-level tasks are not secured, any user logged on to IDMS may use them to access and manipulate various resources within the DBMS. This can be mitigated using the proper entries in the SRTT. Satisfies: SRG-APP-000033-DB-000084, SRG-APP-000211-DB-000122</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-251589r807634_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
The SRTT module must be coded to enable task-level security. When using an ESM, this could be done in the following manner:
#SECRTT TYPE=ENTRY, X
RESTYPE=TASK, X
SECBY=EXTERNAL , X
EXTNAME=(RESTYPE,RESNAME), X