When you create a database, the SYS, PUBLIC, and dbo groups are also automatically created. None of these groups has passwords, so it is not possible to connect to the database as SYS, PUBLIC, or dbo. However, these groups serve important functions in the database.
PUBLIC group The PUBLIC group has SELECT permission on the system tables. As well, the PUBLIC group is a member of the SYS group, and has read access for some of the system tables and views, so any user of the database can find out information about the database schema. If you want to restrict this access, you can REVOKE PUBLIC's membership in the SYS group.
Any new user ID is automatically a member of the PUBLIC group and inherits any permissions specifically granted to that group by a user with DBA authority. You can also REVOKE membership in PUBLIC for users if you want.
DIAGNOSTICS group The DIAGNOSTIC group owns the diagnostic tables and views. Members in this group inherit permissions to run diagnostic operations. See Monitoring and improving database performance.
dbo group The dbo group owns many system stored procedures and views. The dbo group is a member of the SYS group. The PUBLIC group is a member of the dbo group. The dbo group also owns tables used for UltraLite and MobiLink.
SA_DEBUG group Membership in the SA_DEBUG group allows users to use the SQL Anywhere Debugger. See Debugging procedures, functions, triggers, and events.
SYS_SPATIAL_ADMIN_ROLE group Membership in this group allows users to create, alter, or drop spatial reference systems and spatial units of measure. See Introduction to spatial data.
EXTENV_MAIN and EXTENV_WORKER users EXTENV_MAIN and EXTENV_WORKER are used for external environment support. They are for internal use only and have limited permissions. See SQL Anywhere external environment support.
Discuss this page in DocCommentXchange.
|Copyright © 2010, iAnywhere Solutions, Inc. - SQL Anywhere 12.0.0|