topic Re: Secure 9.4 libraries in Administration and Deployment

Secure 9.4 libraries

AnnLyn — Sat, 26 Oct 2024 07:02:21 GMT

Hi,

we have users who has deleted shared libraries. How can I secure the libraries and the users still be able to manage eg. delete and add tables metadata and physically? We are running Sas 9.4 m8 standard.

thanks in advance.

regards,

Ann

Re: Secure 9.4 libraries

AnnLyn — Sat, 26 Oct 2024 07:05:05 GMT

I know that we should define a ACT but is it possible to secure library and the users still have write and delete access to data below.

Re: Secure 9.4 libraries

Kurt_Bremser — Sat, 26 Oct 2024 08:34:45 GMT

Did they delete the libraries physically from the filesystem, or just their definition in metadata?

Re: Secure 9.4 libraries

Patrick — Sat, 26 Oct 2024 12:35:35 GMT

@AnnLyn wrote:
I know that we should define a ACT but is it possible to secure library and the users still have write and delete access to data below.

Assuming you're talking about SAS metadata:

If you don't have a security model that uses ACT's then it feels this model needs some improvement.

You could definitely secure the library metadata from deletion while still allowing to register/modify table metadata for this library. Easiest would be to store the library metadata object in a different folder.

Having said that: In a prod environment "normal" users should likely not be allowed to modify metadata at all. In a DEV environment: I'm of the opinion that developers need to take some responsibility and that admins shouldn't secure things too much as it can complicate justified developments activities. If there are developers who create "a mess" then this needs eventually to be addressed via training instead of tightened security.

Re: Secure 9.4 libraries

AnnLyn — Sat, 26 Oct 2024 13:52:52 GMT

They delete metadata libraries not physically.