Protecting the System Profile Parameter
Files
Certain security-relevant configurations are contained in the following system profile files (for example, the profile parameters login/no_automatic_user_sap* or login/fails_to_user_lock):
System Profile Files
|
File |
Description |
|
<SID>_<Instance> |
System profile for the application server |
|
START_<Instance> |
Start script |
|
DEFAULT.PFL |
Global profile file |
You should protect these files from unauthorized access. If an intruder manages to access and change these files, he or she can change the system configuration for the next time that the system is started.
Make sure that as few people as possible are given access to these files. Regularly make sure that these files are authentic.
Maintain these files with the transaction RZ10.