When you have your os controls to data organized there is no way SAS is able to overrule those.
OS control is not allowing the access views (sql or datastep) cannot gain access.
It is the same with logical links on the os level.
When you find a loophole than have the OS being bashed.
This is different when you believe the sas metadata security. That one is not having that nice restriction as it leaving OS controls wide open. Bypasses are to be found. Run your we services open on the same and you are expecting a data breach.
---->-- ja karman --<-----