search cancel

Audit shows MSCA with mode DORM

book

Article ID: 215988

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

Why does TSSUTIL audit report show entries the MSCA with MODE DORM? 

What commands will ensure that MSCA cannot use MODE(WARN) in future? 

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Cause

If the MSCA is the owner the MODEs: 

TSS ADD(MSCA) MODE(FAIL,WARN,DORM,IMPL)

The owner of a resource in Top Secret , has full access to that resource.

 

Resolution

Change ownership of the MODES from MSCA to a DEPT acid to prevent MSCA from having default access to them.

The resolution commands were: 

TSS ADD(dept) MODE(DORM) UNDERCUT NOPERMIT
TSS ADD(dept) MODE(IMPL) UNDERCUT NOPERMIT
TSS ADD(dept) MODE(WARN) UNDERCUT NOPERMIT
TSS ADD(dept) MODE(FAIL) UNDERCUT NOPERMIT
TSS REVOKE(msca) MODE(DORM) 
TSS REVOKE(msca) MODE(IMPL)
TSS REVOKE(msca) MODE(WARN)
TSS REVOKE(msca) MODE(FAIL)