The database owner is the creator of a database or someone to whom database ownership has been transferred. A system administrator can use the grant command to grant users the authority to create databases.
A database owner logs in to Adaptive Server using his or her assigned login name and password, and has the “dbo” account. When this user logs in to databases they did not create, this user is known by his or her regular user name.
A database owner can:
Run the system procedure sp_adduser to allow other Adaptive Server users access to the database
Use the grant command to give other users permission to create objects and execute commands within the database
Adding users to databases is discussed in Chapter 3, “Managing Adaptive Server Logins and Database Users” in the Security Administration Guide. Granting permissions to users is discussed in Chapter 6, “Managing User Permissions.”
The database owner does not automatically receive permissions on objects owned by other users. However, a database owner can temporarily assume the permissions of other users in the database at any time by using the setuser command. Using a combination of the setuser and grant commands, the database owner can acquire permissions on any object in the database.
Because the database owner role is so powerful, the
system administrator should plan carefully who should own databases
in the server. The system security officer should consider auditing
the database activity of all database owners.
