|
Each user of a database must have a name they enter when connecting to the database, called a user ID. Proper management of user IDs and permissions lets users of a database perform their jobs effectively, while maintaining the security and privacy of information within the database.
Database permissions are assigned to user IDs. Throughout this chapter, the term user is used as a synonym for user ID. You use SQL statements for assigning user IDs to new users of a database, granting and revoking permissions for database users, and finding out the current permissions of users.
Even if there are no security concerns regarding a multi-user database, there are good reasons for setting up an individual user ID for each user. In addition to granting permissions to individual users, you can also grant permissions to groups of users. The administrative overhead is very low if a group with the appropriate permissions is set up.
You may want to use individual user IDs since:
The Log Translation utility (dblog) can selectively extract the changes made by individual users from a transaction log. This is very useful when troubleshooting or piecing together what happened if data is incorrect.
Sybase Central displays much more useful information so you can tell which connections belong to which users.
Row locking messages (with the blocking option set to Off) are more informative.
DBA authority overview
RESOURCE authority overview
BACKUP authority overview
VALIDATE authority overview
Ownership permissions overview
Table and views permissions overview
Group permissions overview