Permissions and authorities of groups

You grant permissions to groups in exactly the same way as any other user ID. Permissions on tables, views, and procedures are inherited by members of the group, including other groups and their members.

Ownership of database objects is associated with a single user ID and is not inherited by group members. If the user ID personnel creates a table, then the personnel user ID is the owner of that table and has the authority to make any changes to the table, and to grant privileges concerning the table to other users. Other user IDs who are members of personnel are not the owners of this table, and do not have these rights. Only granted permissions are inherited. For example, if a user with DBA authority or the personnel user ID explicitly grants SELECT permission on a table to the personnel user ID, all group members inherit select access to the table.

You can grant some authorities to groups as well.

Note
  • You can only specify WITH GRANT OPTION for users. Members of groups do not inherit the WITH GRANT OPTION if it is granted to a group.

  • Members of a group do not inherit the DBA, RESOURCE, and GROUP authority. Even if the user ID has RESOURCE authority, the members of personnel do not have RESOURCE authority.

 See also