ABAP Keyword Documentation → ABAP - Release-Specific Changes → Changes in Release 7.40 → Changes in Release 7.40, SP08
Security Checks in Release 7.40, SP08
The security checks in the extended program check were revised as follows in Release 7.40, SP08, alongside general improvements in data flow analysis and performance:
2. Security-relevant function modules
Other versions:
7.31 | 7.40 | 7.54
Modification 1
Use of System Fields
The system fields sy-host
, sy-sysid
, and sy-mandt
in
logical expressions can indicate potential
back doors, like when using sy-uname
, and are now checked accordingly.
It is possible to define additional system fields, for which this check is performed, by implementing BAdI SLIN_BADI_SEC_BACKDOOR.
Modification 2
Security-Relevant Function Modules
The check that ensures that the return code sy-subrc
is evaluated when a
security-relevant function module (such as AUTHORITY_CHECK_TCODE or FILE_VALIDATE_NAME) is called was revised so that the list of predefined function modules can be expanded using the
BAdI SLIN_BADI_SEC_PROCEDURES. The program RSLIN_SEC_DISPLAY_SECREL_PROC displays the full list.
Modification 3
Administration Transaction
The new transaction SLIN_ADMIN is used for the administration of the extended program check and the security checks.