SAP Parameter gw/sec_info - External security filename for gateway


Short text
External security filename for gateway

Parameter description
This parameter can be used to protect external programs against beingstarted. Any unauthorized starting of external programs can be preventedby maintaining the file secinfo in the data directory of the gatewayinstance. The the entries in this file have the following
USER=<(><<)>user>, [PWD=<(><<)>pwd>,] [USER-HOST=<(><<)>user_host>,]... HOST=<(><<)>host>,TP=<(><<)>tp>;
A corresponding line will allow the user <(><<)>user> to start theprogram <(><<)>tp> on the host <(><<)>host>.
The level of authorization checking performed can be increased byspecifying PWD and/or USER-HOST.
USER=mueller, HOST=hw1414, TP=test;
USER=hugo, PWD=pass, USER-HOST=hw1234, HOST=hw1414, TP=prog;
User mueller can run program test on host hw1414.
User hugo can run program prog on host hw1414, as long as s/he logged onto the gateway from host hw1234 and used the CPIC call CMSCSP to set thesecurity password to pass.
If the user has used the CMSCSU call to set the security user, this isalso used for checking. '*' can be used as a wildcard for allparameters. If PWD and/or USER-HOST is/are not specified, value * isassumed.
All users should be allowed to run program test on host hw1414: USER=*
The current list of security entries can be viewed with the monitor, anda refresh can be triggered from the security file.

Work area

Parameter unit
File name

Default value
<(><<)>Data directory>/secinfo

Who is allowed

Limitation for os

Limitation for db

Other parameter

File name