Development systems and extensive authorizations can increase the risk of an attack on SAP systems. [shutterstock: 399288955, hywards]
The first article of this series talked about the global deactivation of authorization checks for single authorization objects per transport. A similar risk results from the possibility of deactivating authorization checks transaction-specifically. It is even more difficult to detect an attack if this method is used, as the impact can be limited to one transaction.