Hello experts,
In our current landscape SU24 was not maintained for custom tcodes, RFCs and webservices. The backgoud of our systems is unit testing has been completed for all the cusotm developed roles without maintaining of SU24 for any custom work.
When it comes to the S_RFC usage, below are the values given in a role and assigned to the 150+ end test users in a system:
S_RFC
Activity: 16
RFC_Name: *
RFC_TYPE: FUGR, FUNC
I would like to summarize the risk of this practice and remediation approach in less time. If I would be the one has to work on this RFC security in the beginning then I follow the best practice RFC wiki page steps.
Your suggestions and comments will greatly help us ( my management) to deal this in better way. My voice alone not making much progress on this for a while.
Thanks,
Himadama