Site Reliability Engineering
SAP Basis Management
The application layer is the central component of the SAP R/3 system. This layer is therefore also referred to by SAP as the actual basis system. Within the layer there are application servers and a message server.
An important area of SAP Security is the analysis of the customer's own SAP programs, which are classically written in the proprietary SAP language ABAP. Here, too, as in all programming languages, security vulnerabilities can be programmed - whether consciously or unconsciously. However, the patterns of security vulnerabilities in ABAP code differ from those in Java stacks or Windows programs. The goal of these conventional programs is usually to either crash the program (buffer overflow) or to artificially execute the program's own code (code injection). Both is not possible in ABAP, since a crash of a process causes nothing else than the creation of an entry in the log database (Dump ST22) and a subsequent termination of the report with return to the menu starting point. So a direct manipulation as in other high level languages or servers is not possible. However, there are other manipulation possibilities.
Migration to SAP HANA
The two main tasks of this function are: Deleting profiles including user assignments if no matching role exists. Deleting assignments between users and roles if either the user or the role does not exist.
With "Shortcut for SAP Systems" a tool is available that greatly facilitates some tasks in the SAP basis.
The website "www.sap-corner.de" offers many useful information about SAP basis.
Other client-independent transactions are located in the Cross Clients TCODES file.