I have been tasked with cleaning up the ability for other users to view others spool requests. My understanding is that there was an EWR on this.
Frankly, I just do not have an understanding of this. I searched in this forum about this as I believe it is something very common and many posts say to see the FAQ in this section however I don't see anything in this forum that says "SECURITY FAQ's" or anything like that.
I have been told that the following authorization objects need to be addressed:
Object 1: S_TCODE with TCD = SP01 or SP01O
Object 2: S_ADMI_FCD with S_ADMI_FCD = SP01 or SP0R
Object 3: S_SPO_ACT with SPOACTION = BASE and DISP and SPOAUTH = * or
__USER__
With this being such a popular issue I would think that someone would have a very detailed write up on how to fix this but I cannot find one just yet.
Can anyone shed some light on how to resolve this or how I track down these authorizations?
For example I see the authorization object S_TCODE in SU21 but I don't see anything in there about SP01 or SP010. I am sure this is much more detailed than this but that is the information I am looking for. The more detail the better.
All help appreciated.