on 05-07-2009 11:49 AM
Dear All,
what is the main function of note 1304803 .
what kind of testing we will have to do after implementing note , in the sense how are these object access ? Will we able to test this change.?Please advise any one .
Thanks,
Thiru
Hi,
First you have to know why you want to import notes into your system.
for eg : if you are facing any issues with Runtime error then you have to import the proper note to solve the issue.
but you are asking about note functionality in forum, i am sure u have to read the note and you have to understand the sideeffects of the note.
-Srini
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The notes are implemented if you face any issues in system,so if you are getting an error and you wish to implement the note mentioned ,you can implement that through SNOTE
After that the error in SAP system must not appear
Let me know of any questions
Rohit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No this note is belongs to Security, we also received 4 Note from SAP related to Security, but when i read the note we didnot understand the symptom which is descibed in the Note then i sent the mail to SAP related to the same query how to identify the problem and after implementation how to test, but still waiting for their reply.
Regards,
Subhash
@Vamsi
There is not any manual correction required, This note can be ally through SNOTE but the main question is there is not clearly mentioned in the note what exactly the sympotm is? why we apply the note, and how can we check the securtiy implication is not going to happen after the implementing the note.
@Thiru
Yes sure i will update the same
Regards,
Subhash
Hi,
As far as I know note will correct some program,function module or any workbech object.
If it is a note which correction can be implemented using the Snote then note has some correction instructions or attachments, just open the correction instruction, you will find which program or which fm or class the correction is made.
I am sure at end of the note it will be mentioned to which component it belongs say bc or crm or some thing like that.
Regards,
Vamshi.
Yes You are right Vamshi. We can find out the component name as well as programme name also. Let mt tell you my point.
As per the Note :1304803 Security Note : changing a transport without Authorization.
Symptom
Certain reports that do not have an authorization check can create or change transport requests and change the piece list of a request.
This is a security breach.
Other terms
Security breach
Reason and Prerequisites
This problem is caused by a delivery error.
Now i am not able to understnad the Symptom which is given in this note, Are you able to understand what does it mean?
Regards,
Subhas
Hi,
what i could make out from the note you have given is, it fixes some errors in the transport management system. The normal behaviour is, if you are trying do some changes in a configuration table xyz, you will get a message that "the object is locked in request MD1Kxxxx". This request might be owned by some other person, and the request is not released.
As per the note, if your system release 640 and the SAP_BASIS is at SAPKB64023, you may not get such messages in some cases where the program(report), which is trying to make the change in the table xyz, is not having any authorization checks. This will eventually go and update the transport request details in table E070, E071 etc..
Guys..please correct me if I'm wrong...
Regards,
Anish
SAP Reply
Note 1304803 Security note: Changing a transport without authorization
The correction deactivates the reports TH_E070U, TH_E071U and
TH_TKANL(and the support package removes the reports).
Test:
If the reports still exists they should have an EXIT. statement right
after the REPORT statement.
Submit the report. You will see the selection screen but nothing else
will happen if you execute the report.
Regards,
Subhash
Edited by: Subhash Chandra on May 20, 2009 9:11 AM
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.