Hello gurus,
SAP gateway is an SAP component which is responsible for handling client requests and redirecting them to appropriate SAP services for execution. Due to missing access control
settings, an attacker on the network can execute operating system commands on
any system that the SAP gateway manages.
To avoid this, I need to setup 2 parameters:
gw/reg_info -> /usr/sap/SID/instance_profile/data/reginfo
gw/sec_info -> /usr/sap/SID/instance_profile/data/secinfo
The strange thing is that I can see them in SMGW transaction -> Go to -> Parameters -> Display, and they seem to be set correctly.
But I am curious, aren't these parameters supposed to be visible also in rz11 or rz10 in the instance profile ?
Should I also add them over there ? Or it's enough that they are present in SMGW and it means they are already active ?
Thanks in advance for advising,
Cheers,
J.