Friday, June 18, 2010

Security aspects of TA SE16

You might be probably all aware about security breaches within TA SE11 - Data Browser. I also mentioned this TA in my previous post regarding Secure programming in ABAP. Trick here is much known between SAP people. I’m not going to repeat it but by few key strokes into transaction code field of SAP GUI you can seriously touch the data inside any SAP table and therefore caused data inconsistency even an fraud. Protection against such a activity needs to be implemented. 
Therefore I list here few important SAP Notes dealing with this topic:

26909 - SE16 - Security
1133739 - Security note: Security gap in Data Browser (SE16)
763269 - Line-by-line authorization check in SE16
1224620 - Authorization check S_TCODE for SE16 in background jobs
947557 - Authorization check S_TCODE for SE16 from SE11
546797 - FAQ Data Browser (SE16)

Plus few more blogs:

No comments: