Been doing some work on SAS Security lately and the post over on Angela Halls blog about Managing Metadata via EG, elicited my post. Particluary the comment “NOTE:: Deleting Metadata can cause orphan content elsewhere, so use this capability judiciously.”
When you first install SAS it by default optimistic, by that I mean it allows public, and SAS Users to do lots unless you stop them.
Now if you do the SAS Administrators course the first thing you get told is to secure metadata, i.e change it to a pessimistic view, where users can’t do anything unless you grant them (or a group they belong to) rights to do so.
Easier said than done, as you can’t just deny everything to Public and SAS Users as nothing will work (because they need to be able to read and write metadata to check what they can do 
So you need to play with your ACT and Group structure to initially deny them everything and then grant access to what you want them to see.
I suggest you at least deny the write metadata on anything you want to keep, before you show them in Enterprise Guide how to delete stuff
I beleive this all changes in SAS 9.2.
0 Comments.