Show TOC

Resource Protection on Front-End ClientLocate this document in the navigation structure

In the ABAP Development Tools, an ABAP project provides a user-specific view of all development objects of the back-end system. Like all other projects under Eclipse, ABAP projects, too, have a local representation of their data on the front-end and are managed in a workspace. In other words: When you have an ABAP project, local copies of development objects also exist on the front-end. This, in turn, means that both the metadata and the source code of development objects are also accessible outside the ABAP Repository at the level of the local file system.

Risks

The potential dangers lie in the following areas:

  • Metadata and sources of development objects being spied out by third parties
  • ABAP source code being manipulated locally on the front-end by third parties.If external users have access to the local workspace folder, they have the chance to manipulate the development objects on the file system level. Data changed at this level could be then propagated into the ABAP Repository as "hidden changes". In this way, even "malicious" ABAP source code could find its way in to the business application system.
Protection Measures

For the protection of local project resources, we strongly recommend the following protection measure:

Create your workspace folder for local storage of project resources in such a way that it cannot be read by third parties. Use the protection measures that are already provided at operating-system level.

Note

Files that are located under Windows in the user's private folder subtree can only be accessed by the user himself/herself, and by any user who is a local administrator.

In particular, we recommend making use of the default workspace that has been created with the IDE installation.