list ACL _all_ ;
quit;
Column-Level Security
The goal of column-level security is to allow only privileged users to access sensitive
columns of tables that other users cannot read.
LIBNAME user1 sasspds 'onepath' server=zztop.5161 user='user1'
password='spds123';
LIBNAME user2 sasspds 'onepath' server=zztop.5161 user='user2'
password='spds123' aclgrp='group2';
LIBNAME user6 sasspds 'onepath' server=zztop.5161 user='user3'
password='spds123' aclgrp='group2';
/* generate some dummy data */
data user1.t;
id=1;
salary=2000;
run;
/* Example of only user2 in group2 */
/* being allowed to read column */
/* salary */
PROC SPDO library=user1 ;
/* Assign who owns the ACLs */
set acluser;
/* Clean Up */
delete ACL t;
delete ACL t.salary;
/* Create an ACL on table t to */
/* allow members of group2 to read */
/* table */
add ACL t;
modify ACL t / group2=(y,n,n,n);
/* Create an ACL on column t.salary*/
/* to only allow user2 of group2 to */
/* read the column */
add ACL t.salary;
modify ACL t.salary / group2=(y,n,n,n);
quit;
/* Let both users print the table */
/* Only user2 can access column */
/* salary */
proc print data=user2.t;
run;
proc print data=user6.t;
ACL Security Examples 185
