SAP Note 338177 - Authorization check when executing programs

Component : ABAP Workbench, Java IDE and Infrastructure -

Solution : https://service.sap.com/sap/support/notes/338177 (SAP Service marketplace login required)

Summary :
This SAP Note details the authorization checks for program executions within the development environment. In transaction SE38, executing reports requires only the 'Display' activity from the S_DEVELOP authorization object, effective from BASIS Release 5.0. Similarly, for SE37 transactions testing function modules, the same authorization suffices. However, the 'SUBMIT report' only checks the S_PROGRAM authorization if the program attributes contain an authorization group; absent this, no check occurs. Additionally, changes involving execution authorizations necessitate considerable modifications in both the development environment and system runtime, which are seen as unnecessarily extensive and laborious from SAP's perspective.

Key words :
executable program performs critical actions, ecatt test configurations, authorization object s_develop, 'submit report' checks, authorization object s_program, required authorizations individually, authorization concept stricter, additional authorization check, authorization group field, function module checks

Related Notes :

1393432EHS: Authorization checks during data transfer
1012066Security note: Authorization check when executing reports
826994RACHECK1: entering authorization group as security
33154Report authorizations without SSCR
20534
16669Authorization check when executing a report
7642Authorization protection of ABAP/4 programs