After implementing this note I still have some questions and doubts:
1. what is the purpose of this program, what is the context of its use in a development or other environment as it provides a serious backdoor to the ABAP system ?
2. wouldn't be appropriate to check if the user has developer key (entry in table DEVACCESS) on top of the S_DEVELOP authorization ?
3. even if the note is implemented, in a development environment it is possible to easily change its own code wiping out the effects of the checks implemented by the note
All in all I think you don't need too much phantasy to imagine scenarios when this could pose serious threats to any system.
Any opinions ?
Thank you,
Miklos