cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

tcode SQVI post any security threat in production system ?

Go to solution
Former Member

on ‎05-29-2008 8:50 AM

0 Kudos

hi,

my user is requesting to use tcode sqvi in production, but authorisation team do not allow as the tcode will allow user to do query across.

is SQVI a security critical tcode that we should not let user have in Production system ?

comment and advice will be highly appreciated.

regards,

kent

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

JPReyes
Active Contributor
‎05-29-2008 9:41 AM

Read this thread, should answer your question.

Regards

Juan

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎05-29-2008 12:29 PM
0 Kudos

> 

> hi,
> 
> my user is requesting to use tcode sqvi in production, but authorisation team do not allow as the tcode will allow user to do query across.
> 
> is SQVI a security critical tcode that we should not let user have in Production system ?
> 
> comment and advice will be highly appreciated.
> 
> regards,
> kent

i'm sorry i saw this post too late ... of course SQVI is VERY security-critical. It requires S_TABU_DIS on every table used in sqvi. if you have more than one company code, more than one plant, more than one purchasing organisation you will no longer be able to prevent your user reading data from other organisational structures!! you might as well give access to SE16(N) then.

follow this thread about queries (sqvi is a small-time query) in the SDN security-forum for more on the topic:

Edited by: Mylene Euridice Dorias on May 29, 2008 1:31 PM

Show replies
Show replies
Ask a Question