A fix is available
APAR status
Closed as program error.
Error description
PCI-DSS rule 10.2.2 incorrectly reports root userids (UID=0) with uaudit set as non-compliant.
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Audit exploiting the * * PCI-DSS compliance rule set 10.2.2. * **************************************************************** * PROBLEM DESCRIPTION: The zSecure Audit PCI-DSS compliance * * rule set 10.2.2 reports root user IDs * * with the UAUDIT attribute as * * non-compliant. * **************************************************************** * RECOMMENDATION: Apply the PTF provided. * **************************************************************** The PCI-DSS compliance rule set 10.2.2 (All actions taken by any individual with root or administrative privileges must be logged) reports root user IDs with the UAUDIT attribute as non-compliant.
Problem conclusion
zSecure Audit has been modified so that the PCI-DSS compliance rule set 10.2.2 reports user IDs with the UAUDIT attribute as compliant.
Temporary fix
Comments
APAR Information
APAR number
OA50685
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
220
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-06-08
Closed date
2016-06-14
Last modified date
2016-07-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UA81983
Modules/Macros
CKAPCA22
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R220 PSY UA81983
UP16/06/15 P F606
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"220","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
16 August 2024