Registration Authorizations for Starting External Programs 
You can protect against the registration of external programs by using an access control list (ACL). To do this, set the parameter gw/reg_info.
For more information, see: Security Parameters
You can prevent any unauthorized registration of programs by making the relevant entries in file reginfo in the data directory of the gateway instance.
Recommendation
Since important security information is held in this file, the system administrator must take care to define the file authorization correctly, for example, read-only authorization for the file owner, and no authorization for all other users.
Process Flow
As soon as a program has registered in the gateway, the attributes of the retrieved entry (specifically ACCESS) are passed on to the registered program. This means that if the file is changed and the new entries immediately become active when security data is reloaded, the servers already logged on will still have the old attributes. To assign the new settings to the registered programs too (if they have been changed at all), the servers must first be deregistered and then registered again.
The file is read when the gateway is started up. Dynamic changes can be made by changing, adding to, or deleting the entries in the reginfo file. Then the file can be immediately activated by reloading the security files.
Caution
Note that when the gateway is started, both security files are read in afresh.
Successful and rejected registrations, and calls from registered programs can be ascertained using Gateway Logging with indicator S.
Any error lines are put in the trace file dev_rd, and are not read in.
Procedure
Maintain the reginfo file as described in Maintaining the reginfo File.
Reload the security settings (transaction
SMGW 
Goto Expert Functions External Security Read Again 
) or restart the gateway.Check the configuration by searching for error messages in trace file dev_rd.