Skip to Content
Former Member
Feb 16, 2012 at 11:53 AM

Risk associated with AUTH_SWITCH_OBJECTS


As discussed in previous threads the following was indicated wrt auth/object_disabling_active:

The auth/object_disabling_active parameter is a prerequisite for globally deactivating checks on individual authorisation objects.

If the paramter is set to "Y", the disabling of checking of authorisation objects globally through transaction u201CAUTH_SWITCH_OBJECTSu201D is not prevented.

My question:

What is the risk associated, if the transaction AUTH_SWITCH_OBJECTS is not contained within any role or assigned to any user including the authorisations team? Due to this transaction not being assigned or even in existence within our productive environment, no auth object has been disabled from auth relevancy.

Thank you!