
If a third party access control product is used to grant selected users access to SCF
running as a SUPER Group member, or a member of a subsystem owners’ groups, the
sensitive commands should only be granted to the appropriate users and denied to
all others.
3P-ACCESS-SCF-01 Use a third party access control product to allow the
users responsible for using SCF access to commands as SUPER.SUPER.
Discovery Questions Look here:
OPSYS-OWNER-02 Who owns the SCF object file? Fileinfo
OPSYS-OWNER-02 Who owns the SCFLIB object files? Fileinfo
OPSYS-OWNER-02 Who owns the SCFLIBOR object files? Fileinfo
OPSYS-OWNER-02 Who owns the SCFLIBXR object files? Fileinfo ...