Date:         Wed, 13 Oct 1999 11:27:41 -0400
Reply-To:     john_iwaniszek@worldnet.att.net
Sender:       "SAS(r) Discussion" <SAS-L@LISTSERV.UGA.EDU>
From:         john_iwaniszek@WORLDNET.ATT.NET
Organization: AT&T WorldNet Services
Subject:      Re: "Secure" macro ?
Content-Type: text/plain; charset=us-ascii

thanks for the lesson, it might come in handy one day.

I agree with you regarding the tenuous nature of security in SAS.  My
partner and I wrote an elaborate system of macros called MRS that we
briefly considered somehow password protecting.  I wrote a demonstration
macro that had a password on mprint and symbolgen, but we decided that
the open source mode would be better for everyone.  We would benefit by
reduced time in upgrading and bug fixes and our users would benefit from
customizability and contributing to the library of code.


MP WELCH wrote:

> John,
>
> I tested under V8 on OS/390 and V8 on NT and
> old-style (substitution) macros still appear
> to work. Although I don't find any reference
> after a quick look through the V7 doc so SAS
> is probably trying to move users away from
> using them or I just gave up too soon...
>
> Anyway, old-style macros can be thought of as
> text replacement.
>
> If it finds the word after the MACRO statement
> in the source code it will replace occurrences
> of the word with the text between the word and
> the percent sign.
>
> On my OS/390 V6 and V8 the macro statement
> MACRO NOSOURCE SOURCE SOURCE2 MACROGEN SYMBOLGEN %
>
> replaces NOSOURCE with
> SOURCE SOURCE2 MACROGEN SYMBOLGEN
> in the following code:
>
> MACRO NOSOURCE SOURCE SOURCE2 MACROGEN SYMBOLGEN %
> OPTIONS NOSOURCE;
>  DATA TEST;
>  DATE=MDY(1,1,00);
>  FORMAT DATE DATE9.;
>  PUT DATE=;
>  RUN;
>
> Under Windows, resetting options within a session
> is quirky but this example shows the substitution
> capability of old-style macros under Windows:
>
> Macro myfoot myarm %
> Macro center nocenter %
>
> Options center;
> data test;
> myfoot = 'left';
> run;
> proc print;
> run;
> ----------output----------
> The SAS System
>
> Obs    myarm
>
>  1     left
> --------------------------
>
> Running with and without the macro statements will
> show the substitution effects.
>
> My initial reply was just to note that for each
> protection method of source code someone will
> probably come up with a way to circumvent it.
>
> mp welch
>
> -----Original Message-----
> From: john.iwaniszek [mailto:john_iwaniszek@WORLDNET.ATT.NET]
> Sent: Tuesday, October 12, 1999 6:45 AM
> To: SAS-L
> Cc: john.iwaniszek
> Subject: Re: "Secure" macro ?
>
> I am not familiar with that syntax.  Can you please provide a little
> more
> detail?
>
> John
>
> MP WELCH wrote:
>
> > John,
> >
> > Don't give up so easy...
> >
> > How about using old-style macro like:
> >
> > MACRO NOMPRINT MPRINT %
> >
> > To convert any NOMPRINT instances in the compiled
> > code back to MPRINT?
> >
> > mp
> >
> > -----Original Message-----
> > From: john.iwaniszek [mailto:john_iwaniszek@WORLDNET.ATT.NET]
> > Sent: Monday, October 11, 1999 12:34 PM
> > To: SAS-L
> > Cc: john.iwaniszek
> > Subject: Re: "Secure" macro ?
> >
> > You are correct.
> >
> > Paige Miller wrote:
> >
> > > john_iwaniszek@worldnet.att.net wrote:
> > > >
> > > > a macro can be 'decompiled' by running it with mprint turned on
> and
> > also using
> > > > mfile to route mprint output to a file.
> > >
> > > If the first line of the compiled macro is
> > >
> > > OPTIONS NOMPRINT NOSOURCE;
> > >
> > > then doesn't this make the remainder of the macro secure?
> > >
> > > --
> > > Paige Miller
> > > Eastman Kodak Company
> > > paigem@kodak.com
> > > "It's nothing until I call it!" -- Bill Klem, NL Umpire