Discretionary access controls (DACs) allow you to restrict access to objects and commands based on a user’s identity, group membership and active roles. The controls are “discretionary” because a user with a certain access permission, such as an object owner, can choose whether to pass that access permission on to other users.
Adaptive Server’s discretionary access control system recognizes the following types of users:
Users possessing one or more system defined roles: system administrator, system security officer, operator, and other roles
Database owners
Database object owners
Other users
System administrators operate outside the DAC system and have access permissions on all database objects at all times except encryption keys (see User Guide for Encrypted Columns). System security officers can always access the audit trail tables in the sybsecurity database.
Database owners do not automatically receive permissions on objects owned by other users; however, they can:
Temporarily acquire all permissions of a user in the database by using the setuser command to assume the identity of that user.
Permanently acquire permission on a specific object by using the setuser command to assume the identity of the object owner, and then using grant commands to grant the permissions.
For details on assuming another user’s identity to acquire permissions on a database or object, see “Acquiring the permissions of another user”.
Object owners can grant access to those objects to other users and can also grant other users the ability to pass the access permission to other users. You can give various permissions to users, groups, and roles with the grant command, and rescind them with the revoke command. Use grant and revoke to give users permission to:
Create databases
Create objects within a database
Execute certain commands such as dbcc and set proxy
Access specified tables, views, stored procedures, encryption keys, and columns
grant and revoke can also be used to set permissions on system tables.
For permissions that default to “public,” no grant or revoke statements are needed.
Some commands can be used at any time by any user, with no permission required. Others can be used only by users of a particular status and they are not transferable.
The ability to assign permissions for the commands that can be granted and revoked is determined by each user’s role or status (as system administrator, database owner, system security officer, or database object owner), and by whether the user was granted a role with permission that includes the option to grant that permission to other users.
You can also use views and stored procedures as security mechanisms. See “Using views and stored procedures as security mechanisms”.