Comments on Musings of an IT Implementor: SAP Change Non-Dialog User to Dialog User Using Function Module

Feed author: Darryl Griffiths
Feed updated: 2022-03-31T09:23:33.631+01:00

Darryl Griffiths, 2017-02-01T20:27:16.475+00:00:

Hi Vijay,

I wouldn't say this was an exploit, since the software is doing what is considered to be the function that it was written for.
In this instance, the security of the system is only as good as the controls that have been imposed around the user accounts.
Segregation of duties would be the ideal solution to this specific problem, instead of leaving user accounts with SAP_ALL. They should really only have the required RFC authorisations (a level of least privilege).

Regards,

Darryl

Vijay, 2016-12-23T09:59:44.884+00:00:

Very nice. Is this considered an exploit or a normal way SAP operates?