Show TOC Start of Content Area

Background documentation Data Storage Security   Locate the document in its SAP Library structure

Design Time Repository

You can use Access Control Lists (ACL) to grant users and user groups access rights for the resources in the Design Time Repository (DTR). However, if you want to store highly sensitive data in the DTR, we recommend you set up a dedicated DTR server. Restrict access to this server directly at the AS Java level.

Component Build Service

One of the basic design concepts of the SAP NetWeaver Development Infrastructure (NWDI) is to provide a development infrastructure that can handle any type of development. Consequently, the Component Build Service (CBS) can be enhanced with instructions to build any type of development object. This could allow unauthorized persons to infiltrate the CBS server with malicious instructions and execute them.

To minimize potential risks, we recommend you to install the CBS server in a protected network environment. Restrict the communication routes of the CBS server as appropriate for NWDI operations.

To be able to support different technologies CBS allows developers to insert executable code into the build sequence. The build sequence is executed on the CBS, which could lead to a security breach.

It is possible to add a velocity macro prebuild.vm or build.vm or postbuild.vm file to the cfg-folder of a development component (DC). This velocity macro is then executed to create an Ant build file that is then executed. Arbitrary Java code can be compiled in another Java DC and published as a DC public part to provide custom Ant tasks.

Link to external website

For more information, see jakarta.apache.org/velocity and ant.apache.org.

You can suppress the execution of build macros contained in the cfg-folder using the internal build-option ignore.dc.cfg.folder, but that is neither intended as a security-measure nor does it provide a complete solution to the problem. Execution on the CBS will be within a build tool VM, that is, within a process owned by the service-user of the AS Java.

You should take appropriate measures to ensure that the code cannot access sensitive data. For example, communication of the host running CBS should be restricted, CBS should not run on an AS Java that contains productive data, and so on.

Change Management Service

For information about data security in CMS, see File Access Rights for the NWDI Transport Directory.

End of Content Area