Solution : https://service.sap.com/sap/support/notes/854060 (SAP Service marketplace login required)
Summary :
This SAP Note addresses the authorization checks required when scheduling or executing external commands using transactions such as SXPG_COMMAND_EXECUTE and SM49. It clarifies that authorization checks against S_LOG_COM (fields include COMMAND, OPSYSTEM, HOST) are not performed in certain scenarios; checks are only done when commands are directly executed or within certain job steps when already scheduled. To enforce these checks in scenarios where they are missing, users will need to adjust settings in the BTCOPTIONS table by setting LOGCOMM_AUTHCHECK to ON. This does not change existing checks in scenario 4. Implement these changes using SNOTE or relevant Support Packages.
Key words :
btcoption = logcomm_authcheckvalue1 = onthis table entry, relevant support package, operating system level, job step user, specific operating system, scenario 4 remains unchanged, authorization object s_log_com, previous behavior sufficient, table btcoptions, authorization object
Related Notes :
859104 | Authorizations for external programs |
677435 | Overview: external programs and external commands |