| SAS/ACCESS Software for PC File Formats: Reference |
The
SAS System enables you to control access to SAS data sets and access descriptors
by associating one or more SAS System passwords with them. You must first
create the descriptor files before assigning SAS passwords to them, as described
in Assigning Passwords. Password and Descriptor Interaction summarizes
the levels of protection that SAS System passwords have and their effects
on access descriptors and view descriptors.
When you create view descriptors, you can use a SAS data set
option after the ACCDESC= option to specify the access descriptor's password
(if one exists). In this case, you are not assigning a password
to the view descriptor that is being created. Rather, using the password grants
you permission to use the access descriptor to create the view descriptor.
For example:
proc access dbms=dbf
accdesc=adlib.customer(alter=rouge);
create vlib.customer.view;
select all;
run;
By specifying the ALTER-level password, you can read
the ADLIB.CUSTOMER access descriptor and therefore create the VLIB.CUSTOMER
view descriptor.
For detailed information on the levels of protection
and the types of passwords you can use, refer to your base SAS software documentation.
To assign, change, or
delete a SAS password, use the DATASETS
procedure's MODIFY statement. Here is the basic syntax for using PROC DATASETS
to assign a password to an access descriptor, a view descriptor, or a SAS
data file:
PROC DATASETS LIBRARY= libref MEMTYPE= member-type;
|
MODIFY member-name
(password-level= password-modification);
|
|
In this syntax statement, the
password-level argument can have one or more of the following values: READ=,
WRITE=, ALTER=, or PW=. PW= assigns read, write, and alter privileges to
a descriptor or data file. The password-modification
argument enables you to assign a new password or to change or delete an existing
password. For example, this PROC DATASETS statement assigns the password MONEY
with the ALTER level of protection to the access descriptor ADLIB.SALARIES
proc datasets library=adlib memtype=access;
modify salaries (alter=money);
run;
In this case, you are prompted for the password whenever
you try to browse or edit the access descriptor or to create view descriptors
that are based on ADLIB.SALARIES.
In the next example, the PROC DATASETS statement assigns
the passwords MYPW and MYDEPT with READ and ALTER levels of protection to
the view descriptor VLIB.JOBC204:
proc datasets library=vlib memtype=view;
modify jobc204 (read=mypw alter=mydept);
run;
In this case, you are prompted for the SAS passwords
when you try to read the PC file data, or try to browse or edit the view descriptor
VLIB.JOBC204 itself. You need both levels to protect the data and descriptor
from being read. However, you could still update the data accessed by VLIB.JOBC204,
for example, by using a PROC SQL UPDATE statement. Assign a WRITE level of
protection to prevent data updates.
To delete a password on an access descriptor or any
SAS data set, put a slash after the password:
proc datasets library=vlib memtype=view;
modify jobc204 (read=mypw/ alter=mydept/);
run;
Copyright © 1999 by SAS Institute Inc., Cary, NC, USA. All rights reserved.
