Resource Class ROSRES is not defined or active in the Access Control Program (ACP).
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-225604 | SRG-OS-000309 | ZROST038 | SV-225604r1146143_rule | 2025-09-28 | 7 |
| Description |
|---|
| Failure to use a robust ACP to control a product could potentially compromise the integrity and availability of the MVS operating system and user data. |
| ℹ️ Check |
|---|
| Refer to the following report produced by the ACP Data Collection: - TSSCMDS.RPT(#RDT). If the ROSCOE Resource Class(es) is (are) defined in the Resource Definition Table (RDT) as follows, this is not a finding. RESOURCE CLASS = ROSRES RESOURCE CODE = X'hex code' ATTRIBUTE = MASK|NOMASK,MAXOWN(08),MAXPERMIT(044),ACCESS,DEFPROT ACCESS = NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000) ACCESS = WRITE(2000),ALL(FFFF) DEFACC = READ |
| ✔️ Fix |
|---|
| The ISSO will ensure the Product resource class(es) is (are) defined in the TSS RDT. The ISSO will issue one of the following commands to define the Product resource class(es): TSS REPLACE(RDT) RESCLASS(ROSRES) - MAXLEN(044) - ATTR(MASK|NOMASK,DEFPROT) - ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) - DEFACC(READ) TSS ADDTO(RDT) RESCLASS(ROSRES) - RESCODE(hex-code) - ATTR(MASK|NOMASK,DEFPROT) - ACLST(NONE(0000),CONTROL(0400),UPDATE(6000),READ(4000),WRITE(2000),ALL(FFFF)) - DEFACC(READ) |