Permissions for system procedures are set in the sybsystemprocs database.
Some system procedures can be run only by a user with specific privileges or roles. Permission check for a system procedure may differ based on the granular permissions setting. Check the Permission section for each system procedure for details. See "Using Granular Permissions" in the Security Administration Guide for more information on granular permissions.
Other system procedures (for example, all the sp_help procedures) can be executed by any user, provided that the execute permission on the procedure was granted to public in sybsystemprocs.
To deny a user permission on a system procedure, the system administrator must add the user to sybsystemprocs..sysusers and write a revoke statement that applies to that procedure. The owner of a user database can directly control permissions on the system procedures within his or her own database.