Skip to content

The commands that allow dynamic definitions of PROGRAM/TASK and the dynamic varying of memory must be secured.

An XCCDF Rule

Description

<VulnDiscussion>IDMS provides commands that can change memory, the attributes of programs, or tasks and are meant for use by the appropriate administrators. These commands must be protected from use by the wrong personnel. Satisfies: SRG-APP-000133-DB-000362, SRG-APP-000380-DB-000360, SRG-APP-000378-DB-000365</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-251603r855262_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

The SRTT must contain one or more entries to enable the external security of RESTYPE=ACTI. For example:
 
#SECRTT TYPE=ENTRY,RESTYPE=ACTI, SECBY=EXTERNAL,      EXTCLS='CA@IDMS',EXTNAME=(SYST,ACTIVITY)       

Update the source for IDMSCTAB. This example #CTABGEN entry secures the DCMT VARY DYNAMIC and DCMT VARY MEMORY commands and assigns an activity number to each: