- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- What is login/isolate_rfc_system_calls used for?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
What is login/isolate_rfc_system_calls used for?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2016 2:35 PM
Currently I'm writing on a security baseline for configuration of Profile Parameters in our systems.
During this work, I have come accross the Profile Parameter login/isolate_rfc_system_calls.
Looking in RZ11 I find the parameter, but there is no description or documentaion to what it does, so I have no idea to what the proper value should be.
Can anyone guide me to a Note or explain to me what the parameter does?
Best regards,
Peter
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2016 3:57 PM
This was discussed here once before, about 10 years ago. Until today the parameter remains undocumented because it was not implemented.
Parameter auth/rfc_authority_check was however extended and probably that is what the original intention behind isolate_system_calls was because within system function group SRFC you can now isolate individual function modules and not the whole group from authoity-checks and consequently authentication.
Others say it was a secret parameter for the kernel which was accidentally transported to customer systems and that it controls the ability to access next week's lottery numbers... 🙂
Cheers,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-12-2016 3:57 PM
This was discussed here once before, about 10 years ago. Until today the parameter remains undocumented because it was not implemented.
Parameter auth/rfc_authority_check was however extended and probably that is what the original intention behind isolate_system_calls was because within system function group SRFC you can now isolate individual function modules and not the whole group from authoity-checks and consequently authentication.
Others say it was a secret parameter for the kernel which was accidentally transported to customer systems and that it controls the ability to access next week's lottery numbers... 🙂
Cheers,
Julius
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-15-2016 3:17 PM
Thanks, Julius
I found a couple of very old treads in here, but couldn't belive that it was still valid...
However, I'll check the trick with the lottery number in a sandbox later on 😉
Best regards,
Peter
- SAP Managed Tags:
- Security
