Definition of a Password
SAS software enables you to restrict access to members of SAS libraries by assigning
passwords to the members. You can assign passwords to all member types except
catalogs. You can specify three levels of protection: Read, Write, and Alter. When a
password is assigned, it appears as uppercase Xs in the log.
Note: This document uses the terms SAS data file and SAS view to distinguish between
the two types of SAS data sets. Passwords work differently for type VIEW than they
do for type DATA. The term “SAS data set” is used when the distinction is not
necessary.
read
protects against reading the file.
write
protects against changing the data in the file. For SAS data files, write protection
prevents adding, modifying, or deleting observations.
alter
protects against deleting or replacing the entire file. For SAS data files, alter
protection also prevents modifying variable attributes and creating or deleting
indexes.
Alter protection does not require a password for Read or Write access; write protection
does not require a password for Read access. For example, you can read an alter-
protected or write-protected SAS data file without knowing the Alter or Write password.
Conversely, read and write protection do not prevent any operation that requires alter
protection. For example, you can delete a SAS data set that is read- or write-protected
only without knowing the Read or Write password.
To protect a file from being read, written to, deleted, or replaced by anyone who does not
have the proper authority, assign read, write, and alter protection. To allow others to read
the file without knowing the password, but not change its data or delete it, assign just
write and alter protection. To completely protect a file with one password, use the PW=
data set option. For more information, see “Assigning Complete Protection with the
PW= Data Set Option” on page 728.
Note: Because of how SAS opens files, you must specify the Read password to update a
SAS data set that is only read-protected.
Note: The levels of protection differ somewhat for the member type VIEW. See “Using
Passwords with Views” on page 729.
Assigning Passwords
Syntax
To set a password, first specify a SAS data set in one of the following:
• a DATA statement
• the MODIFY statement of the DATASETS procedure
724 Chapter 34 • File Protection