COMMUNITIES

Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise

SAS Programming

DATA Step, Macro, Functions and more
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
shwilliams4
Obsidian | Level 7 shwilliams4
Obsidian | Level 7

Option to keep a macro variable from printing

Posted 03-07-2014 02:26 PM (5326 views)

The programs I run often require a password which usually comes in the form of a macro variable that can then be printed to the log window. Log windows may be saved for audits.

We use SQL pass-through mostly for speed considerations.

I am wondering if SAS would consider puting an option on the %let statement to keep certain macro variables from printing.

It is done in SAS Stored procedures for variables named <something>_password.

Sumner

0 Likes
Reply
11 REPLIES 11
Peter_C
Rhodochrosite | Level 12 Peter_C
Rhodochrosite | Level 12

Re: Option to keep a macro variable from printing

Posted 03-07-2014 02:43 PM (5211 views)  |   In reply to shwilliams4

Before the statements revealing that mVar use statements

%let oldopts =

%sysfunc( getoption( mprint))

%sysfunc( getoption( Symbolgen))

%sysfunc( getoption( mLogic))

;

option NOmprint NOsymbolgen NOmlogic ;

After the statement that (no longer) reveals the password, use this statement to reinstate any macro debugging:

Option &oldopts ;

Reply
shwilliams4
Obsidian | Level 7 shwilliams4
Obsidian | Level 7

Re: Option to keep a macro variable from printing

Posted 03-07-2014 02:48 PM (5211 views)  |   In reply to Peter_C

I need the symbolgen mlogic mprint on for the log files audits.

Symget was something I tried in the past and it didn't work.

I want a property to be on the macro variable that makes it so SAS knows the macro variable should not be printed versus using a different method of calling the macro variable. This may not be possible as macro variables are plain text with no real inherent properties.

0 Likes
Reply
Peter_C
Rhodochrosite | Level 12 Peter_C
Rhodochrosite | Level 12

Re: Option to keep a macro variable from printing

Posted 03-07-2014 03:24 PM (5211 views)  |   In reply to shwilliams4 
shwilliams4




you wrote:




I need the symbolgen mlogic mprint on for the log files audits.




.

expecting this "need" I offered you two statements - one to retrieve the current settings before masking the password, and one to reinstate after.

You suggest something which might be possible. Create an IDEA.

peter.C

Reply
Fugue
Quartz | Level 8 Fugue
Quartz | Level 8

Re: Option to keep a macro variable from printing

Posted 03-07-2014 03:11 PM (5211 views)  |   In reply to Reeza

Thanks for contribution, Reeza. I also linked a document by Carpenter dealing with the issue of masking passwords. Was hoping the OP would read it and see if there was anything useful there.

0 Likes
Reply
shwilliams4
Obsidian | Level 7 shwilliams4
Obsidian | Level 7

Re: Option to keep a macro variable from printing

Posted 03-07-2014 03:52 PM (5211 views)  |   In reply to shwilliams4

All great ideas I have aexplored. Peter C. lead me down the path of Creating an Idea which is more of what I needed.

0 Likes
Reply
Reeza
Super User Reeza
Super User

Re: Option to keep a macro variable from printing

Posted 03-07-2014 06:00 PM (5211 views)  |   In reply to shwilliams4

Proc pwencode comes fairly close to what you need for the moment, as it keeps your password from appearing in the log.

0 Likes
Reply
shwilliams4
Obsidian | Level 7 shwilliams4
Obsidian | Level 7

Re: Option to keep a macro variable from printing

Posted 03-07-2014 06:13 PM (5157 views)  |   In reply to Reeza

Not really. Having the encrypted password in the log does not make it secure.You are corect that one does not know the password, but they don't need to know the password in order to get into the system.

Internally we lock our databases down to protect PHI and Employee PHI. Having the encrypted password go into a log means someone without access to EPHI can use that login/encrypted password to see EPHI. This user would be internal to the company with access to every system.

While {sas02}A48sdgkjsdhkljer may seem secure because you can't see the original password, that encrypted password can still be used to get access to the system. A log file that says password = ********** is secure.

0 Likes
Reply
Tom
Super User Tom
Super User

Re: Option to keep a macro variable from printing

Posted 03-07-2014 06:19 PM (5157 views)  |   In reply to shwilliams4

There are methods to deal with this.

One is better coding to turn off MPRINT, SYMBOLGEN while dealing with the password.

.

Another is better methods of connecting using SAS BI tools so that passwords are not stored in macro variables.

Reply

sas-innovate-white.png

Special offer for SAS Communities members

Save $250 on SAS Innovate and get a free advance copy of the new SAS For Dummies book! Use the code "SASforDummies" to register. Don't miss out, May 6-9, in Orlando, Florida.

 

View the full agenda.

Register now!

How to Concatenate Values

Learn how use the CAT functions in SAS to join values from multiple variables into a single value.

Watch How to Concatenate Values on YouTube

Find more tutorials on the SAS Users YouTube channel.

SAS Training: Just a Click Away

 Ready to level-up your skills? Choose your own adventure.

Browse our catalog!

Discussion stats
  • 11 replies
  • ‎03-07-2014 02:26 PM
  • 5327 views
  • 6 likes
  • 5 in conversation
li.common.scroll-to.top