SAS Scalable Performance Data Server 4.5 Administrator's Manual page 180

174
Chapter 14 • ACL Security Overview
/* Mary can't write to anonymous_table */
Read Only Tables
A common security measure in SPD Server assigns an SPD Server ID to act as the owner
of a domain and to provide control over it.
Typically, one or two user IDs administer table loads and refreshes . These user IDs can
perform all the jobs that are required to create, load, refresh, update, and administer SPD
Server security. Using one or two user IDs centralizes the data administration on the server.
More than one ID for data administration spreads responsibility and still provides backup.
The following example demonstrates how to allow different groups access to the domain,
tables, and how different groups can control resources in the domain.
/* assign who owns the ACLs */
/* add a LIBNAME ACL to d1
The MODIFY statement in the code below enables the following actions:
•
•
•
title
'mary reading anonymous_table' ;
run ;
data mary.anonymous_table ;
do i = 1 to 100 ;
output ;
end ;
run ;
LIBNAME d1 sasspds 'd1'
server=zztop.5162
user='admin1'
password='spds123'
IP=YES ;
PROC SPDO library=d1 ;
set acluser admin1 ;
add ACL / LIBNAME ;
Any user in same group as admin can read, write, or alter tables and modify the
LIBNAME access to the domain.
Users in group1 and group2 receive read access to the domain.
Users in group3 and group4 receive read and write access to the domain.
modify ACL / LIBNAME
admingrp=(y,y,y,y)
group1=(y,n,n,n)
group2=(y,n,n,n)
group3=(y,y,n,n)
group4=(y,y,n,n) ;
list ACL _all_;
quit ;
*/