Protecting the System Profile Parameter Files
Certain security-relevant configurations are contained in the following system profile files (for example, the profile parameters login/no_automatic_user_sap* or login/fails_to_user_lock).
| File | Description |
|---|---|
| <SID>_<Instance> | System profile for the application server |
| START_<Instance> |
Start script |
|
DEFAULT.PFL |
Global profile file |
Protect these files from unauthorized access. If an intruder manages to access and change these files, he or she can change the system configuration for the next time that the system is started.
Limit access to these files to as few people as possible. Regularly check that these files have not been tampered with.
Maintain these files with the transaction RZ10.