we have an <removed by moderator> issue to protect bmp files,
which are signatures of important people
and this protection is needed against changes and misue.
In SE78 you can upload bmp and tiff, we want to protect these file
with a graphic id Zxxx. But the standard transaction SE78 is only
checking the sapscript graphics and not the graphical ones.
In note 154823 only the sapscript is covered but not the 'Stored on
Document Server' graphics. The auth object S_SCRP_GRA is obsolete and
should be replaced by something new. Or is there an alternative way to
protect the files for a smartform?
Message was edited by: Thomas Zloch
One could start with limiting who can execute SE78 in Production (nobody or Basis team?). However, since these can be transported, if I remember correctly, testing and initial verification against actual signature should be adequate. Since the user cannot change the output for a SmartForm, I'm not sure that I see an issue...since the typical user would be clueless about se78.
Maybe just a side note, you can consider to use different signature images for DEV, QAS systems and PRD systems. In your code (either in print program or Smartform) you can use different signatures images based on the system. Therefore, you can fake/dump signatures for DEV and QAS systems for just test purpose.